rpms/krb5
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- kadmind.init: don't fail outright if the default principal database isn't

Browse Source 
there if it looks like we might be using the kldap plugin
- kadmind.init: attempt to extract the key for the host-specific kadmin
    service when we try to create the keytab
This commit is contained in:
Nalin Dahyabhai 2007-05-18 22:16:16 +00:00
parent ea9e19241a
commit a9c20b1574
2 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
kadmind.init
View File

@ -30,7 +30,11 @@ RETVAL=0
# Shell functions to cut down on useless shell instances.
start() {
if [ ! -f /var/kerberos/krb5kdc/principal ] ; then
echo $"Error. Default principal database does not exist."
# Make an educated guess -- if they're using kldap somewhere,
# then we don't know for sure that this is an error.
if [ ! grep -q 'db_library.*=.*kldap' /etc/krb5.conf ] ; then
echo $"Error. Default principal database does not exist."
fi
exit 0
fi
if [ -f /var/kerberos/krb5kdc/kpropd.acl ] ; then
@ -39,7 +43,10 @@ start() {
else
if [ ! -f /var/kerberos/krb5kdc/kadm5.keytab ] ; then
echo -n $"Extracting kadm5 Service Keys: "
# This should always work.
/usr/kerberos/sbin/kadmin.local ${KRB5REALM:+-r $KRB5REALM} -q "ktadd -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/admin${KRB5REALM:+@$KRB5REALM} kadmin/changepw${KRB5REALM:+@$KRB5REALM}" && success || failure
# It's probably okay if this fails.
/usr/kerberos/sbin/kadmin.local ${KRB5REALM:+-r $KRB5REALM} -q "ktadd -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/`hostname`${KRB5REALM:+@$KRB5REALM}" 2> /dev/null && success
echo
fi
fi

6
krb5.spec
View File

@ -196,6 +196,12 @@ installed on systems which are meant provide these services.
%endif
%changelog
* Fri May 18 2007 Nalin Dahyabhai <nalin@redhat.com>
- kadmind.init: don't fail outright if the default principal database
isn't there if it looks like we might be using the kldap plugin
- kadmind.init: attempt to extract the key for the host-specific kadmin
service when we try to create the keytab
* Wed May 16 2007 Nalin Dahyabhai <nalin@redhat.com> 1.6-6
- omit dependent libraries from the krb5-config --libs output, as using
shared libraries (no more static libraries) makes them unnecessary and