Default client keytab name
Will Fiveash
will.fiveash at oracle.com
Thu Aug 2 18:23:24 EDT 2012
On Thu, Aug 02, 2012 at 12:43:32AM -0400, Greg Hudson wrote:
> On 07/21/2012 10:29 AM, ghudson at MIT.EDU wrote:
> > Soon there will be support for parameterizing the name. Once that's
> > in, what should we use for the built-in default? Here are some
> > options:
>
> Taking account the discussion, I think I will go with:
>
> FILE:$localstatedir/krb5/user/%{euid}/client.keytab
>
> This is overridable at build time. The build-time default is
> discoverable through krb5-config --defcktname, and the runtime default
> (after parameterization and possible override from krb5.conf or
> $KRB5_CLIENT_KTNAME) is discoverable through the output of klist -k -i.
It's good that the default can be overridden at build since for Solaris
the path will probably be /var/user/<lusername>/krb5/client.keytab.
--
Will Fiveash
Oracle Solaris Software Engineer
http://opensolaris.org/os/project/kerberos/
Sent using mutt, a sweet, text based e-mail app <http://www.mutt.org/>
More information about the krbdev
mailing list