Start using crypto-policies
This commit is contained in:
parent
582b087130
commit
9baef8fa8f
@ -1,3 +1,5 @@
|
||||
# To opt out of the system crypto-policies configuration of krb5, remove the
|
||||
# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.
|
||||
includedir /etc/krb5.conf.d/
|
||||
|
||||
[logging]
|
||||
|
@ -43,7 +43,7 @@
|
||||
Summary: The Kerberos network authentication system
|
||||
Name: krb5
|
||||
Version: 1.14
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
# - Maybe we should explode from the now-available-to-everybody tarball instead?
|
||||
# http://web.mit.edu/kerberos/dist/krb5/1.13/krb5-1.13.2-signed.tar
|
||||
# - The sources below are stored in a lookaside cache. Upload with
|
||||
@ -450,6 +450,7 @@ install -pm 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/krb5.conf
|
||||
|
||||
# Default include on this directory
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/krb5.conf.d
|
||||
ln -sv /etc/crypto-policies/back-ends/krb5.conf $RPM_BUILD_ROOT/etc/krb5.conf.d/crypto-policies
|
||||
|
||||
# Parent of configuration file for list of loadable GSS mechs ("mechs"). This
|
||||
# location is not relative to sysconfdir, but is hard-coded in g_initialize.c.
|
||||
@ -796,6 +797,7 @@ exit 0
|
||||
%dir /etc/gss/mech.d
|
||||
%dir /etc/krb5.conf.d
|
||||
%verify(not md5 size mtime) %config(noreplace) /etc/krb5.conf
|
||||
%config(noreplace) /etc/krb5.conf.d/crypto-policies
|
||||
/%{_mandir}/man5/.k5identity.5*
|
||||
/%{_mandir}/man5/.k5login.5*
|
||||
/%{_mandir}/man5/k5identity.5*
|
||||
@ -887,6 +889,9 @@ exit 0
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Oct 19 2015 Robbie Harwood <rharwood@redhat.com> - 1.14-beta1-3
|
||||
- Start using crypto-policies
|
||||
|
||||
* Mon Oct 19 2015 Robbie Harwood <rharwood@redhat.com> - 1.14-beta1-2
|
||||
- TEMPORARILY disable usage of OFD locks as a workaround for x86
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user