Default client keytab name

Nico Williams nico at
Mon Jul 23 12:15:22 EDT 2012

I prefer consistency, so I prefer UIDs for keytabs because we already
use that for ccaches.  That said, I won't mind if there's a token that
means "username" and one that means "uid" and then we can leave it up
to the vendors and sysadmins which to use.

Also, it's not /etc that worries me but nscd.  In self-credentialed
mode nscd would deadlock if getpwuid() were needed.

More information about the krbdev mailing list