issue with MIT KDC and LDAP DS

Ken Raeburn raeburn at MIT.EDU
Tue May 26 19:20:29 EDT 2009

On May 26, 2009, at 16:35, Roland Dowdeswell wrote:
> I submitted a patch to RT to add an inetd mode to the KDC.  If you
> use that mode, then you can trivially write a parent that performs
> the bind logic and spawns off a number of children.  This would
> have the added benefit of providing a parent process that could
> restart kids if they crash.

Yes, I knew I'd seen it recently; I'm sorry I didn't remember it was  
yours while I was writing that email and trying (pretty  
unsuccessfully) to get done quickly and go do something else. :-)   
I've looked it over a couple times briefly, and the concept and code  
look good to me, though I haven't tested it myself.  If anyone is  
interested in taking a look at the code, it's ticket 6476.  Note that  
network.c is largely duplicated between the KDC and kadmind in 1.7,  
and the two versions probably should be merged, though it may take a  
little more work to make this functionality apply to RPC services.


Ken Raeburn / raeburn at / no longer at MIT Kerberos Consortium

More information about the krbdev mailing list