auto-import changelog data from krb5-1.2.1-8.src.rpm

Wed Aug 16 2000 Nalin Dahyabhai <nalin@redhat.com> - fix summaries and descriptions - switched the default transfer protocol from PORT to PASV as proposed on bugzilla (#16134), and to match the regular ftp package's behavior Wed Jul 19 2000 Jeff Johnson <jbj@redhat.com> - rebuild to compress man pages. Sat Jul 15 2000 Bill Nottingham <notting@redhat.com> - move initscript back Fri Jul 14 2000 Nalin Dahyabhai <nalin@redhat.com> - disable servers by default to keep linuxconf from thinking they need to be started when they don't Thu Jul 13 2000 Prospector <bugzilla@redhat.com> - automatic rebuild Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com> - change cleanup code in post to not tickle chkconfig - add grep as a Prereq: for -libs Thu Jul 06 2000 Nalin Dahyabhai <nalin@redhat.com> - move condrestarts to postun - make xinetd configs noreplace - add descriptions to xinetd configs - add /etc/init.d as a prereq for the -server package - patch to properly truncate $TERM in krlogind Fri Jun 30 2000 Nalin Dahyabhai <nalin@redhat.com> - update to 1.2.1 - back out Tom Yu's patch, which is a big chunk of the 1.2 -> 1.2.1 update - start using the official source tarball instead of its contents Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com> - Tom Yu's patch to fix compatibility between 1.2 kadmin and 1.1.1 kadmind - pull out 6.2 options in the spec file (sonames changing in 1.2 means it's not compatible with other stuff in 6.2, so no need) Wed Jun 28 2000 Nalin Dahyabhai <nalin@redhat.com> - tweak graceful start/stop logic in post and preun Mon Jun 26 2000 Nalin Dahyabhai <nalin@redhat.com> - update to the 1.2 release - ditch a lot of our patches which went upstream - enable use of DNS to look up things at build-time - disable use of DNS to look up things at run-time in default krb5.conf - change ownership of the convert-config-files script to root.root - compress PS docs - fix some typos in the kinit man page - run condrestart in server post, and shut down in preun Mon Jun 19 2000 Nalin Dahyabhai <nalin@redhat.com> - only remove old krb5server init script links if the init script is there Sat Jun 17 2000 Nalin Dahyabhai <nalin@redhat.com> - disable kshell and eklogin by default Thu Jun 15 2000 Nalin Dahyabhai <nalin@redhat.com> - patch mkdir/rmdir problem in ftpcmd.y - add condrestart option to init script - split the server init script into three pieces and add one for kpropd Wed Jun 14 2000 Nalin Dahyabhai <nalin@redhat.com> - make sure workstation servers are all disabled by default - clean up krb5server init script Fri Jun 09 2000 Nalin Dahyabhai <nalin@redhat.com> - apply second set of buffer overflow fixes from Tom Yu - fix from Dirk Husung for a bug in buffer cleanups in the test suite - work around possibly broken rev binary in running test suite - move default realm configs from /var/kerberos to /var/kerberos Tue Jun 06 2000 Nalin Dahyabhai <nalin@redhat.com> - make ksu and v4rcp owned by root Sat Jun 03 2000 Nalin Dahyabhai <nalin@redhat.com> - use %{_infodir} to better comply with FHS - move .so files to -devel subpackage - tweak xinetd config files (bugs #11833, #11835, #11836, #11840) - fix package descriptions again Wed May 24 2000 Nalin Dahyabhai <nalin@redhat.com> - change a LINE_MAX to 1024, fix from Ken Raeburn - add fix for login vulnerability in case anyone rebuilds without krb4 compat - add tweaks for byte-swapping macros in krb.h, also from Ken - add xinetd config files - make rsh and rlogin quieter - build with debug to fix credential forwarding - add rsh as a build-time req because the configure scripts look for it to determine paths Wed May 17 2000 Nalin Dahyabhai <nalin@redhat.com> - fix config_subpackage logic Tue May 16 2000 Nalin Dahyabhai <nalin@redhat.com> - remove setuid bit on v4rcp and ksu - apply patches from Jeffrey Schiller to fix overruns Chris Evans found - reintroduce configs subpackage for use in the errata - add PreReq: sh-utils Mon May 15 2000 Nalin Dahyabhai <nalin@redhat.com> - fix double-free in the kdc (patch merged into MIT tree) - include convert-config-files script as a documentation file Wed May 03 2000 Nalin Dahyabhai <nalin@redhat.com> - patch ksu man page because the -C option never works - add access() checks and disable debug mode in ksu - modify default ksu build arguments to specify more directories in CMD_PATH and to use getusershell() Wed May 03 2000 Bill Nottingham <notting@redhat.com> - fix configure stuff for ia64 Mon Apr 10 2000 Nalin Dahyabhai <nalin@redhat.com> - add LDCOMBINE=-lc to configure invocation to use libc versioning (bug #10653) - change Requires: for/in subpackages to include 1.2.1 Wed Apr 05 2000 Nalin Dahyabhai <nalin@redhat.com> - add man pages for kerberos(1), kvno(1), .k5login(5) - add kvno to -workstation Mon Apr 03 2000 Nalin Dahyabhai <nalin@redhat.com> - Merge krb5-configs back into krb5-libs. The krb5.conf file is marked as a %config file anyway. - Make krb5.conf a noreplace config file. Thu Mar 30 2000 Nalin Dahyabhai <nalin@redhat.com> - Make klogind pass a clean environment to children, like NetKit's rlogind does. Wed Mar 08 2000 Nalin Dahyabhai <nalin@redhat.com> - Don't enable the server by default. - Compress info pages. - Add defaults for the PAM module to krb5.conf Mon Mar 06 2000 Nalin Dahyabhai <nalin@redhat.com> - Correct copyright: it's exportable now, provided the proper paperwork is filed with the government. Fri Mar 03 2000 Nalin Dahyabhai <nalin@redhat.com> - apply Mike Friedman's patch to fix format string problems - don't strip off argv[0] when invoking regular rsh/rlogin Thu Mar 02 2000 Nalin Dahyabhai <nalin@redhat.com> - run kadmin.local correctly at startup Mon Feb 28 2000 Nalin Dahyabhai <nalin@redhat.com> - pass absolute path to kadm5.keytab if/when extracting keys at startup Sat Feb 19 2000 Nalin Dahyabhai <nalin@redhat.com> - fix info page insertions Wed Feb 09 2000 Nalin Dahyabhai <nalin@redhat.com> - tweak server init script to automatically extract kadm5 keys if /var/kerberos/krb5kdc/kadm5.keytab doesn't exist yet - adjust package descriptions Thu Feb 03 2000 Nalin Dahyabhai <nalin@redhat.com> - fix for potentially gzipped man pages Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com> - fix comments in krb5-configs Fri Jan 07 2000 Nalin Dahyabhai <nalin@redhat.com> - move /usr/kerberos/bin to end of PATH Tue Dec 28 1999 Nalin Dahyabhai <nalin@redhat.com> - install kadmin header files Tue Dec 21 1999 Nalin Dahyabhai <nalin@redhat.com> - patch around TIOCGTLC defined on alpha and remove warnings from libpty.h - add installation of info docs - remove krb4 compat patch because it doesn't fix workstation-side servers Mon Dec 20 1999 Nalin Dahyabhai <nalin@redhat.com> - remove hesiod dependency at build-time Sun Dec 19 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - rebuild on 1.1.1 Thu Oct 07 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - clean up init script for server, verify that it works [jlkatz] - clean up rotation script so that rc likes it better - add clean stanza Mon Oct 04 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - backed out ncurses and makeshlib patches - update for krb5-1.1 - add KDC rotation to rc.boot, based on ideas from Michael's C version Sun Sep 26 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - added -lncurses to telnet and telnetd makefiles Mon Jul 05 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - added krb5.csh and krb5.sh to /etc/profile.d Tue Jun 22 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - broke out configuration files Mon Jun 14 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - fixed server package so that it works now Sat May 15 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu> - started changelog - updated existing 1.0.5 RPM from Eos Linux to krb5 1.0.6 - added --force to makeinfo commands to skip errors during build
2004-09-09 07:05:48 +00:00 · 2004-09-09 07:05:48 +00:00 · af3b5464f0
commit af3b5464f0
parent e7d1e844b3
21 changed files with 1093 additions and 0 deletions
--- a/.cvsignore
+++ b/.cvsignore
@ -0,0 +1 @@
+krb5-1.2.1.tar
--- a/eklogin.xinetd
+++ b/eklogin.xinetd
@ -0,0 +1,13 @@
+# default: off
+# description: The encrypting kerberized rlogin server accepts rlogin sessions \
+#              authenticated and encrypted with Kerberos 5.
+service eklogin
+{
+	flags		= REUSE
+	socket_type	= stream        
+	wait		= no
+	user		= root
+	server		= /usr/kerberos/sbin/klogind
+	server_args	= -e -5
+	disable		= yes
+}
--- a/gssftp.xinetd
+++ b/gssftp.xinetd
@ -0,0 +1,14 @@
+# default: off
+# description: The kerberized FTP server accepts FTP connections \
+#              that can be authenticated with Kerberos 5.
+service ftp
+{
+	flags		= REUSE
+	socket_type	= stream        
+	wait		= no
+	user		= root
+	server		= /usr/kerberos/sbin/ftpd
+	server_args	= -l -a
+	log_on_failure	+= USERID
+	disable		= yes
+}
--- a/kadm5.acl
+++ b/kadm5.acl
@ -0,0 +1 @@
+*/admin@EXAMPLE.COM	*
--- a/kadmind.init
+++ b/kadmind.init
@ -0,0 +1,79 @@
+#!/bin/sh
+#
+# kadmind      Start and stop the Kerberos 5 administrative server.
+#
+# chkconfig:   - 35 65
+# description: Kerberos 5 is a trusted third-party authentication system.  \
+#	       This script starts and stops the Kerberos 5 administrative \
+#              server, which should only be run on the master server for a \
+#              realm.
+# processname: kadmind
+#
+
+# Get config.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 0
+
+# Source function library.
+. /etc/init.d/functions
+
+RETVAL=0
+
+# Sheel functions to cut down on useless shell instances.
+start() {
+  	if [ ! -f /var/kerberos/krb5kdc/principal ] ; then
+	    exit 0
+	fi
+  	if [ -f /var/kerberos/krb5kdc/kpropd.acl ] ; then
+	    exit 0
+	else
+  	    if [ ! -f /var/kerberos/krb5kdc/kadm5.keytab ] ; then
+		echo "Extracting kadm5 Service Keys"
+		/usr/kerberos/sbin/kadmin.local -q "ktadd -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/admin kadmin/changepw" && success || fail
+		echo
+	    fi
+	fi
+	echo -n "Starting Kerberos 5 Admin Server"
+	daemon /usr/kerberos/sbin/kadmind
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && touch /var/lock/subsys/kadmin
+}
+stop() {
+	echo -n "Stopping Kerberos 5 Admin Server"
+	killproc kadmind
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && rm -f /var/lock/subsys/kadmin
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart)
+	stop
+	start
+	;;
+  status)
+	status kadmind
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/kadmin ] ; then
+		stop
+		start
+	fi
+	;;
+  *)
+	echo "Usage: $0 {start|stop|status|condrestart|restart}"
+	RETVAL=1
+	;;
+esac
+
+exit $RETVAL
--- a/kdc.conf
+++ b/kdc.conf
@ -0,0 +1,10 @@
+[kdcdefaults]
+ acl_file = /var/kerberos/krb5kdc/kadm5.acl
+ dict_file = /usr/dict/words
+ admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
+
+[realms]
+ EXAMPLE.COM = {
+  master_key_type = des-cbc-crc
+  supported_enctypes = des-cbc-crc:normal des3-cbc-raw:normal des3-cbc-sha1:normal des-cbc-crc:v4 des-cbc-crc:afs3
+ }
--- a/45
+++ b/45
@ -0,0 +1,45 @@
+#!/bin/sh
+#
+# kdcrotate     This shell script rotates the list of KDCs in /etc/krb5.conf
+#
+# Author:       Based on SysV Init in RHS Linux by Damien Neil
+#               Written by Nalin Dahyabhai <nalin@redhat.com>
+#
+# chkconfig:	345 99 01
+#
+# description:  Rotate the list of KDCs listed in /etc/krb5.conf
+#
+
+PATH=/sbin:$PATH
+
+# Only run in runlevels where we're 'enabled', which should only be 345.
+if [ "$1" != "start" ] ; then
+	exit 0
+fi
+
+# source function library
+. /etc/rc.d/init.d/functions
+
+action "Rotating KDC list" "awk '	/^[[:space:]]*kdc[[:space:]]*=/ { \\
+		if(length(firstkdc) == 0) { \\
+			firstkdc = \$0; \\
+		} else { \\
+			if(length(kdclist) > 0) { \\
+				kdclist = kdclist ORS; \\
+			} \\
+			kdclist = kdclist \$0; \\
+		} \\
+		next; \\
+	} \\
+	{ \\
+		if(length(kdclist) > 0) { \\
+			NEWCONFIG = NEWCONFIG kdclist ORS; \\
+		} \\
+		if(length(firstkdc) > 0) { \\
+			NEWCONFIG = NEWCONFIG firstkdc ORS; \\
+		} \\
+		firstkdc = \"\"; \\
+		kdclist = \"\"; \\
+		NEWCONFIG = NEWCONFIG \$0 ORS; \\
+	} \\
+	END {printf \"%s\", NEWCONFIG > \"/etc/krb5.conf\"}' /etc/krb5.conf"
--- a/klogin.xinetd
+++ b/klogin.xinetd
@ -0,0 +1,13 @@
+# default: off
+# description: The kerberized rlogin server accepts BSD-style rlogin sessions, \
+#              but uses Kerberos 5 authentication.
+service klogin
+{
+	flags		= REUSE
+	socket_type	= stream        
+	wait		= no
+	user		= root
+	server		= /usr/kerberos/sbin/klogind
+	server_args	= -5
+	disable		= yes
+}
--- a/kpropd.init
+++ b/kpropd.init
@ -0,0 +1,71 @@
+#!/bin/sh
+#
+# kpropd.init  Start and stop the Kerberos 5 propagation client.
+#
+# chkconfig:   - 35 65
+# description: Kerberos 5 is a trusted third-party authentication system.  \
+#	       This script starts and stops the service that allows this \
+#              KDC to receive updates from your master KDC.
+# processname: kpropd
+#
+
+# Get config.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 0
+
+# Source function library.
+. /etc/init.d/functions
+
+RETVAL=0
+
+# Sheel functions to cut down on useless shell instances.
+start() {
+  	if [ ! -f /var/kerberos/krb5kdc/principal ] ; then
+	    exit 0
+	fi
+  	if [ ! -f /var/kerberos/krb5kdc/kpropd.acl ] ; then
+	    exit 0
+	fi
+	echo -n "Starting Kerberos 5 Propagation Server:"
+	daemon /usr/kerberos/sbin/kpropd -S
+	RETVAL=$?
+	[ $RETVAL = 0 ] && touch /var/lock/subsys/kprop
+}
+stop() {
+	echo -n "Stopping Kerberos 5 Propagation Server:"
+	killproc kpropd
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && rm -f /var/lock/subsys/kprop
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart)
+	stop
+	start
+	;;
+  status)
+	status kpropd
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/kprop ] ; then
+		stop
+		start
+	fi
+	;;
+  *)
+	echo "Usage: $0 {start|stop|status|restart|condrestart}"
+	RETVAL=1
+	;;
+esac
+
+exit $RETVAL
--- a/krb5-1.2.1-passive.patch
+++ b/krb5-1.2.1-passive.patch
@ -0,0 +1,29 @@
+--- krb5-1.2.1/src/appl/gssftp/ftp/main.c.passive	Thu Jun 29 22:27:07 2000
+++ krb5-1.2.1/src/appl/gssftp/ftp/main.c	Wed Aug 16 13:15:08 2000
+@@ -178,7 +178,7 @@
+ 	cpend = 0;	/* no pending replies */
+ 	proxy = 0;	/* proxy not active */
+ #ifndef NO_PASSIVE_MODE
+-	passivemode = 0; /* passive mode not active */
+	passivemode = 1; /* passive mode active by default */
+ #endif
+ 	crflag = 1;	/* strip c.r. on ascii gets */
+ 	sendport = -1;	/* not using ports */
+--- krb5-1.2.1/src/appl/gssftp/ftp/ftp.M.passive	Wed Aug 16 13:15:26 2000
+++ krb5-1.2.1/src/appl/gssftp/ftp/ftp.M	Wed Aug 16 13:17:19 2000
+@@ -619,10 +619,11 @@
+ will forward a copy of the user's Kerberos tickets to the remote host.
+ .TP
+ .B passive
+-Toggle passive data transfer mode.  In passive mode, the client initiates
+-the data connection by listening on the data port.  Passive mode may
+-be necessary for operation from behind firewalls which do not permit
+-incoming connections.
+Toggle passive data transfer mode off.  In passive mode, the client initiates
+the data connection by connecting to the data port.  Passive mode is
+often necessary for operation from behind firewalls which do not permit
+incoming connections, but may need to be disabled if you connect to an
+FTP server which does not support passive operation.
+ .TP
+ .B private
+ Set the protection level on data transfers to ``private''.  Data
--- a/krb5-telnet.xinetd
+++ b/krb5-telnet.xinetd
@ -0,0 +1,13 @@
+# default: off
+# description: The kerberized telnet server accepts normal telnet sessions, \
+#              but can also use Kerberos 5 authentication.
+service telnet
+{
+	flags		= REUSE
+	socket_type	= stream        
+	wait		= no
+	user		= root
+	server		= /usr/kerberos/sbin/telnetd
+	log_on_failure	+= USERID
+	disable		= yes
+}
--- a/krb5.conf
+++ b/krb5.conf
@ -0,0 +1,31 @@
+[logging]
+ default = FILE:/var/log/krb5libs.log
+ kdc = FILE:/var/log/krb5kdc.log
+ admin_server = FILE:/var/log/kadmind.log
+
+[libdefaults]
+ ticket_lifetime = 24000
+ default_realm = EXAMPLE.COM
+ dns_lookup_realm = false
+ dns_lookup_kdc = false
+
+[realms]
+ EXAMPLE.COM = {
+  kdc = kerberos.example.com:88
+  admin_server = kerberos.example.com:749
+  default_domain = example.com
+ }
+
+[domain_realm]
+ .example.com = EXAMPLE.COM
+ example.com = EXAMPLE.COM
+
+[kdc]
+ profile = /var/kerberos/krb5kdc/kdc.conf
+
+[pam]
+ debug = false
+ ticket_lifetime = 36000
+ renew_lifetime = 36000
+ forwardable = true
+ krb4_convert = false
--- a/krb5.csh
+++ b/krb5.csh
@ -0,0 +1,8 @@
+if ( /usr/kerberos/bin !~ "${path}" ) then
+	set path = ( /usr/kerberos/bin $path )
+endif
+if ( /usr/kerberos/sbin !~ "${path}" ) then
+	if ( `id -u` == 0 ) then
+		set path = ( /usr/kerberos/sbin $path )
+	endif
+endif
--- a/krb5.sh
+++ b/krb5.sh
@ -0,0 +1,8 @@
+if ! echo ${PATH} | grep -q /usr/kerberos/bin ; then
+	PATH=/usr/kerberos/bin:${PATH}
+fi
+if ! echo ${PATH} | grep -q /usr/kerberos/sbin ; then
+	if [ `id -u` = 0 ] ; then
+		PATH=/usr/kerberos/sbin:${PATH}
+	fi
+fi
--- a/krb5.spec
+++ b/krb5.spec
@ -0,0 +1,603 @@
+%define prefix %{_prefix}/kerberos
+
+Summary: The Kerberos network authentication system.
+Name: krb5
+Version: 1.2.1
+Release: 8
+Source0: krb5-%{version}.tar
+Source1: kpropd.init
+Source2: krb524d.init
+Source3: kadmind.init
+Source4: krb5kdc.init
+Source5: krb5.conf
+Source6: krb5.sh
+Source7: krb5.csh
+Source8: kdcrotate
+Source9: kdc.conf
+Source10: kadm5.acl
+Source11: krsh
+Source12: krlogin
+Source13: eklogin.xinetd
+Source14: klogin.xinetd
+Source15: kshell.xinetd
+Source16: krb5-telnet.xinetd
+Source17: gssftp.xinetd
+Source18: krb5server.init
+Patch0: krb5-1.1-db.patch
+Patch1: krb5-1.1.1-tiocgltc.patch
+Patch2: krb5-1.1.1-libpty.patch
+Patch3: krb5-1.1.1-fixinfo.patch
+Patch4: krb5-1.1.1-manpages.patch
+Patch5: krb5-1.1.1-netkitr.patch
+Patch6: krb5-1.2-rlogind.patch
+Patch7: krb5-1.2-ksu.patch
+Patch8: krb5-1.2-ksu.options.patch
+Patch9: krb5-1.2-ksu.man.patch
+Patch10: krb5-1.2-quiet.patch
+Patch11: krb5-1.1.1-brokenrev.patch
+Patch12: krb5-1.2-spelling.patch
+Patch13: krb5-1.2.1-term.patch
+Patch14: krb5-1.2.1-passive.patch
+Copyright: MIT, freely distributable.
+URL: http://web.mit.edu/kerberos/www/
+Group: System Environment/Libraries
+BuildRoot: %{_tmppath}/%{name}-root
+Prereq: grep, info, sh-utils, /sbin/install-info
+BuildPrereq: e2fsprogs-devel, gzip, rsh, tcl, texinfo, tar
+
+%description
+Kerberos V5 is a trusted-third-party network authentication system,
+which can improve your network's security by eliminating the insecure
+practice of cleartext passwords.
+
+%package devel
+Summary: Development files needed for compiling Kerberos 5 programs.
+Group: Development/Libraries
+Requires: %{name}-libs = %{version}
+
+%description devel
+Kerberos is a network authentication system.  The krb5-devel package
+contains the header files and libraries needed for compiling Kerberos
+5 programs. If you want to develop Kerberos-aware programs, you'll
+need to install this package.
+
+%package libs
+Summary: The shared libraries used by Kerberos 5.
+Group: System Environment/Libraries
+Prereq: grep, /sbin/ldconfig, sh-utils
+
+%description libs
+Kerberos is a network authentication system.  The krb5-libs package
+contains the shared libraries needed by Kerberos 5.  If you're using
+Kerberos, you'll need to install this package.
+
+%package server
+Group: System Environment/Daemons
+Summary: The server programs for Kerberos 5.
+Requires: %{name}-libs = %{version}, %{name}-workstation = %{version}
+Prereq: grep, /sbin/install-info, /bin/sh, sh-utils, /etc/init.d
+
+%description server
+Kerberos is a network authentication system.  The krb5-server package
+contains the programs that must be installed on a Kerberos 5 server.
+If you're installing a Kerberos 5 server, you need to install this
+package (in other words, most people should NOT install this
+package).
+
+%package workstation
+Summary: Kerberos 5 programs for use on workstations.
+Group: System Environment/Base
+Requires: %{name}-libs = %{version}
+Prereq: grep, /sbin/install-info, /bin/sh, sh-utils
+
+%description workstation
+Kerberos is a network authentication system.  The krb5-workstation
+package contains the basic Kerberos programs (kinit, klist, kdestroy,
+kpasswd) as well as kerberized versions of Telnet and FTP.  If your
+network uses Kerberos, this package should be installed on every
+workstation.
+
+%changelog
+* Wed Aug 16 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix summaries and descriptions
+- switched the default transfer protocol from PORT to PASV as proposed on
+  bugzilla (#16134), and to match the regular ftp package's behavior
+
+* Wed Jul 19 2000 Jeff Johnson <jbj@redhat.com>
+- rebuild to compress man pages.
+
+* Sat Jul 15 2000 Bill Nottingham <notting@redhat.com>
+- move initscript back
+
+* Fri Jul 14 2000 Nalin Dahyabhai <nalin@redhat.com>
+- disable servers by default to keep linuxconf from thinking they need to be
+  started when they don't
+
+* Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
+- automatic rebuild
+
+* Mon Jul 10 2000 Nalin Dahyabhai <nalin@redhat.com>
+- change cleanup code in post to not tickle chkconfig
+- add grep as a Prereq: for -libs
+
+* Thu Jul  6 2000 Nalin Dahyabhai <nalin@redhat.com>
+- move condrestarts to postun
+- make xinetd configs noreplace
+- add descriptions to xinetd configs
+- add /etc/init.d as a prereq for the -server package
+- patch to properly truncate $TERM in krlogind
+
+* Fri Jun 30 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to 1.2.1
+- back out Tom Yu's patch, which is a big chunk of the 1.2 -> 1.2.1 update
+- start using the official source tarball instead of its contents
+
+* Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com>
+- Tom Yu's patch to fix compatibility between 1.2 kadmin and 1.1.1 kadmind
+- pull out 6.2 options in the spec file (sonames changing in 1.2 means it's not
+  compatible with other stuff in 6.2, so no need)
+
+* Wed Jun 28 2000 Nalin Dahyabhai <nalin@redhat.com>
+- tweak graceful start/stop logic in post and preun
+
+* Mon Jun 26 2000 Nalin Dahyabhai <nalin@redhat.com>
+- update to the 1.2 release
+- ditch a lot of our patches which went upstream
+- enable use of DNS to look up things at build-time
+- disable use of DNS to look up things at run-time in default krb5.conf
+- change ownership of the convert-config-files script to root.root
+- compress PS docs
+- fix some typos in the kinit man page
+- run condrestart in server post, and shut down in preun
+
+* Mon Jun 19 2000 Nalin Dahyabhai <nalin@redhat.com>
+- only remove old krb5server init script links if the init script is there
+
+* Sat Jun 17 2000 Nalin Dahyabhai <nalin@redhat.com>
+- disable kshell and eklogin by default
+
+* Thu Jun 15 2000 Nalin Dahyabhai <nalin@redhat.com>
+- patch mkdir/rmdir problem in ftpcmd.y
+- add condrestart option to init script
+- split the server init script into three pieces and add one for kpropd
+
+* Wed Jun 14 2000 Nalin Dahyabhai <nalin@redhat.com>
+- make sure workstation servers are all disabled by default
+- clean up krb5server init script
+
+* Fri Jun  9 2000 Nalin Dahyabhai <nalin@redhat.com>
+- apply second set of buffer overflow fixes from Tom Yu
+- fix from Dirk Husung for a bug in buffer cleanups in the test suite
+- work around possibly broken rev binary in running test suite
+- move default realm configs from /var/kerberos to %{_var}/kerberos
+
+* Tue Jun  6 2000 Nalin Dahyabhai <nalin@redhat.com>
+- make ksu and v4rcp owned by root
+
+* Sat Jun  3 2000 Nalin Dahyabhai <nalin@redhat.com>
+- use %%{_infodir} to better comply with FHS
+- move .so files to -devel subpackage
+- tweak xinetd config files (bugs #11833, #11835, #11836, #11840)
+- fix package descriptions again
+
+* Wed May 24 2000 Nalin Dahyabhai <nalin@redhat.com>
+- change a LINE_MAX to 1024, fix from Ken Raeburn
+- add fix for login vulnerability in case anyone rebuilds without krb4 compat
+- add tweaks for byte-swapping macros in krb.h, also from Ken
+- add xinetd config files
+- make rsh and rlogin quieter
+- build with debug to fix credential forwarding
+- add rsh as a build-time req because the configure scripts look for it to
+  determine paths
+
+* Wed May 17 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix config_subpackage logic
+
+* Tue May 16 2000 Nalin Dahyabhai <nalin@redhat.com>
+- remove setuid bit on v4rcp and ksu
+- apply patches from Jeffrey Schiller to fix overruns Chris Evans found
+- reintroduce configs subpackage for use in the errata
+- add PreReq: sh-utils
+
+* Mon May 15 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix double-free in the kdc (patch merged into MIT tree)
+- include convert-config-files script as a documentation file
+
+* Wed May 03 2000 Nalin Dahyabhai <nalin@redhat.com>
+- patch ksu man page because the -C option never works
+- add access() checks and disable debug mode in ksu
+- modify default ksu build arguments to specify more directories in CMD_PATH
+  and to use getusershell()
+
+* Wed May 03 2000 Bill Nottingham <notting@redhat.com>
+- fix configure stuff for ia64
+
+* Mon Apr 10 2000 Nalin Dahyabhai <nalin@redhat.com>
+- add LDCOMBINE=-lc to configure invocation to use libc versioning (bug #10653)
+- change Requires: for/in subpackages to include %{version}
+
+* Wed Apr 05 2000 Nalin Dahyabhai <nalin@redhat.com>
+- add man pages for kerberos(1), kvno(1), .k5login(5)
+- add kvno to -workstation
+
+* Mon Apr 03 2000 Nalin Dahyabhai <nalin@redhat.com>
+- Merge krb5-configs back into krb5-libs.  The krb5.conf file is marked as
+  a %%config file anyway.
+- Make krb5.conf a noreplace config file.
+
+* Thu Mar 30 2000 Nalin Dahyabhai <nalin@redhat.com>
+- Make klogind pass a clean environment to children, like NetKit's rlogind does.
+
+* Wed Mar 08 2000 Nalin Dahyabhai <nalin@redhat.com>
+- Don't enable the server by default.
+- Compress info pages.
+- Add defaults for the PAM module to krb5.conf
+
+* Mon Mar 06 2000 Nalin Dahyabhai <nalin@redhat.com>
+- Correct copyright: it's exportable now, provided the proper paperwork is
+  filed with the government.
+
+* Fri Mar 03 2000 Nalin Dahyabhai <nalin@redhat.com>
+- apply Mike Friedman's patch to fix format string problems
+- don't strip off argv[0] when invoking regular rsh/rlogin
+
+* Thu Mar 02 2000 Nalin Dahyabhai <nalin@redhat.com>
+- run kadmin.local correctly at startup
+
+* Mon Feb 28 2000 Nalin Dahyabhai <nalin@redhat.com>
+- pass absolute path to kadm5.keytab if/when extracting keys at startup
+
+* Sat Feb 19 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix info page insertions
+
+* Wed Feb  9 2000 Nalin Dahyabhai <nalin@redhat.com>
+- tweak server init script to automatically extract kadm5 keys if
+  /var/kerberos/krb5kdc/kadm5.keytab doesn't exist yet
+- adjust package descriptions
+
+* Thu Feb  3 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix for potentially gzipped man pages
+
+* Fri Jan 21 2000 Nalin Dahyabhai <nalin@redhat.com>
+- fix comments in krb5-configs
+
+* Fri Jan  7 2000 Nalin Dahyabhai <nalin@redhat.com>
+- move /usr/kerberos/bin to end of PATH
+
+* Tue Dec 28 1999 Nalin Dahyabhai <nalin@redhat.com>
+- install kadmin header files
+
+* Tue Dec 21 1999 Nalin Dahyabhai <nalin@redhat.com>
+- patch around TIOCGTLC defined on alpha and remove warnings from libpty.h
+- add installation of info docs
+- remove krb4 compat patch because it doesn't fix workstation-side servers
+
+* Mon Dec 20 1999 Nalin Dahyabhai <nalin@redhat.com>
+- remove hesiod dependency at build-time
+
+* Sun Dec 19 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- rebuild on 1.1.1
+
+* Thu Oct  7 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- clean up init script for server, verify that it works [jlkatz]
+- clean up rotation script so that rc likes it better
+- add clean stanza
+
+* Mon Oct  4 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- backed out ncurses and makeshlib patches
+- update for krb5-1.1
+- add KDC rotation to rc.boot, based on ideas from Michael's C version
+
+* Mon Sep 26 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- added -lncurses to telnet and telnetd makefiles
+
+* Mon Jul  5 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- added krb5.csh and krb5.sh to /etc/profile.d
+
+* Mon Jun 22 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- broke out configuration files
+
+* Mon Jun 14 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- fixed server package so that it works now
+
+* Sat May 15 1999 Nalin Dahyabhai <nsdahya1@eos.ncsu.edu>
+- started changelog
+- updated existing 1.0.5 RPM from Eos Linux to krb5 1.0.6
+- added --force to makeinfo commands to skip errors during build
+
+%prep
+%setup -q -c
+gzip -dc krb5-%{version}.src.tar.gz | tar -xf - -C ..
+gzip -dc krb5-%{version}.crypto.tar.gz | tar -xf - -C ..
+gzip -dc krb5-%{version}.doc.tar.gz | tar -xf - -C ..
+%patch0  -p0 -b .db
+%patch1  -p0 -b .tciogltc
+%patch2  -p0 -b .libpty
+%patch3  -p0 -b .fixinfo
+%patch4  -p0 -b .manpages
+%patch5  -p0 -b .netkitr
+%patch6  -p1 -b .rlogind
+%patch7  -p1 -b .ksu
+%patch8 -p1 -b .ksu-options
+%patch9 -p1 -b .ksu-man
+%patch10 -p1 -b .quiet
+%patch11 -p1 -b .brokenrev
+%patch12 -p1 -b .spelling
+%patch13 -p1 -b .term
+%patch14 -p1 -b .passive
+find . -type f -name "*.fixinfo" -exec rm -fv "{}" ";"
+gzip doc/*.ps
+
+%build
+cd src
+libtoolize --copy --force
+cp config.{guess,sub} config
+
+# Can't use %%configure because we don't use the default mandir.
+LDCOMBINE_TAIL="-lc"; export LDCOMBINE_TAIL
+./configure \
+	--with-cc=%{__cc} --with-ccopts="-ggdb" \
+	--enable-shared --enable-static \
+	--prefix=%{prefix} \
+	--infodir=%{_infodir} \
+	--localstatedir=%{_var}/kerberos \
+	--with-krb4 \
+	--enable-dns --enable-dns-for-kdc --enable-dns-for-realm \
+	--with-netlib=-lresolv \
+	--with-tcl=%{_prefix} \
+	%{_target_platform}
+make
+
+# Run the test suite.
+# make check TMPDIR=%{_tmppath}
+
+%install
+[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
+
+# Our shell scripts.
+mkdir -p $RPM_BUILD_ROOT%{prefix}/bin
+install -m 755 $RPM_SOURCE_DIR/{krsh,krlogin} $RPM_BUILD_ROOT/%{prefix}/bin/
+
+# Extra headers.
+mkdir -p $RPM_BUILD_ROOT%{prefix}/include
+(cd src/include
+ find kadm5 krb5 gssrpc gssapi -name "*.h" | \
+ cpio -pdm  $RPM_BUILD_ROOT/%{prefix}/include )
+sed 's^k5-int^krb5/kdb^g' < $RPM_BUILD_ROOT/%{prefix}/include/kadm5/admin.h \
+			  > $RPM_BUILD_ROOT/%{prefix}/include/kadm5/admin.h2 &&\
+mv $RPM_BUILD_ROOT/%{prefix}/include/kadm5/admin.h2 \
+   $RPM_BUILD_ROOT/%{prefix}/include/kadm5/admin.h
+find $RPM_BUILD_ROOT/%{prefix}/include -type d | xargs chmod 755
+find $RPM_BUILD_ROOT/%{prefix}/include -type f | xargs chmod 644
+
+# Info docs.
+mkdir -p $RPM_BUILD_ROOT%{_infodir}
+install -m 644 doc/*.info* $RPM_BUILD_ROOT%{_infodir}/
+gzip $RPM_BUILD_ROOT%{_infodir}/*.info*
+
+# KDC config files.
+mkdir -p $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc
+install -m 644 $RPM_SOURCE_DIR/kdc.conf  $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/
+install -m 644 $RPM_SOURCE_DIR/kadm5.acl $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/
+
+# Client config files and scripts.
+mkdir -p $RPM_BUILD_ROOT/etc/profile.d
+install -m 644 $RPM_SOURCE_DIR/krb5.conf $RPM_BUILD_ROOT/etc/krb5.conf
+install -m 755 $RPM_SOURCE_DIR/krb5.{sh,csh} $RPM_BUILD_ROOT/etc/profile.d/
+
+# KDC init script.
+mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
+install -m 755 $RPM_SOURCE_DIR/krb5kdc.init $RPM_BUILD_ROOT/etc/rc.d/init.d/krb5kdc
+install -m 755 $RPM_SOURCE_DIR/kadmind.init $RPM_BUILD_ROOT/etc/rc.d/init.d/kadmin
+install -m 755 $RPM_SOURCE_DIR/kpropd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/kprop
+install -m 755 $RPM_SOURCE_DIR/krb524d.init $RPM_BUILD_ROOT/etc/rc.d/init.d/krb524
+install -m 755 $RPM_SOURCE_DIR/kdcrotate $RPM_BUILD_ROOT/etc/rc.d/init.d/
+
+# The rest of the binaries and libraries and docs.
+cd src
+make prefix=$RPM_BUILD_ROOT%{prefix} \
+	localstatedir=$RPM_BUILD_ROOT%{_var}/kerberos \
+	infodir=$RPM_BUILD_ROOT%{_infodir} install
+
+# Fixup strange shared library permissions.
+chmod 755 $RPM_BUILD_ROOT%{prefix}/lib/*.so*
+
+# Xinetd configuration files.
+mkdir -p $RPM_BUILD_ROOT/etc/xinetd.d/
+for xinetd in eklogin klogin kshell krb5-telnet gssftp ; do
+	install -m 644 $RPM_SOURCE_DIR/${xinetd}.xinetd \
+	$RPM_BUILD_ROOT/etc/xinetd.d/${xinetd}
+done
+
+# Trim off useless info.
+strip $RPM_BUILD_ROOT%{prefix}/bin/* $RPM_BUILD_ROOT%{prefix}/sbin/* || :
+strip -g $RPM_BUILD_ROOT%{prefix}/lib/lib* || :
+
+%post libs
+grep -q %{prefix}/lib /etc/ld.so.conf || echo %{prefix}/lib >> /etc/ld.so.conf
+/sbin/ldconfig
+
+%postun libs -p /sbin/ldconfig
+
+%post server
+# Remove the init script for older servers.
+[ -x /etc/rc.d/init.d/krb5server ] && /sbin/chkconfig --del krb5server
+# Install the new ones.
+/sbin/chkconfig --add krb5kdc
+/sbin/chkconfig --add kadmin
+/sbin/chkconfig --add krb524
+/sbin/chkconfig --add kprop
+# Install info pages.
+/sbin/install-info %{_infodir}/krb425.info.gz %{_infodir}/dir
+/sbin/install-info %{_infodir}/krb5-admin.info.gz %{_infodir}/dir
+/sbin/install-info %{_infodir}/krb5-install.info.gz %{_infodir}/dir
+
+%preun server
+if [ "$1" = "0" ] ; then
+	/sbin/chkconfig --del krb5kdc
+	/sbin/chkconfig --del kadmin
+	/sbin/chkconfig --del krb524
+	/sbin/chkconfig --del kprop
+	/sbin/service krb5kdc stop > /dev/null 2>&1 || :
+	/sbin/service kadmin stop > /dev/null 2>&1 || :
+	/sbin/service krb524 stop > /dev/null 2>&1 || :
+	/sbin/service kprop stop > /dev/null 2>&1 || :
+	/sbin/install-info --delete %{_infodir}/krb425.info.gz %{_infodir}/dir
+	/sbin/install-info --delete %{_infodir}/krb5-admin.info.gz %{_infodir}/dir
+	/sbin/install-info --delete %{_infodir}/krb5-install.info.gz %{_infodir}/dir
+fi
+
+%postun server
+if [ "$1" -ge 1 ] ; then
+	/sbin/service krb5kdc condrestart > /dev/null 2>&1 || :
+	/sbin/service kadmin condrestart > /dev/null 2>&1 || :
+	/sbin/service krb524 condrestart > /dev/null 2>&1 || :
+	/sbin/service kprop condrestart > /dev/null 2>&1 || :
+fi
+
+%post workstation
+/sbin/install-info %{_infodir}/krb5-user.info %{_infodir}/dir
+/sbin/service xinetd reload > /dev/null 2>&1 || :
+
+%preun workstation
+if [ "$1" = "0" ] ; then
+	/sbin/install-info --delete %{_infodir}/krb5-user.info %{_infodir}/dir
+fi
+
+%postun workstation
+/sbin/service xinetd reload > /dev/null 2>&1 || :
+
+%files workstation
+%defattr(-,root,root)
+
+%config /etc/profile.d/krb5.sh
+%config /etc/profile.d/krb5.csh
+
+%config(noreplace) /etc/xinetd.d/*
+
+%doc doc/user*.html doc/user*.ps.gz src/config-files/services.append
+%attr(0755,root,root) %doc src/config-files/convert-config-files
+%{_infodir}/krb5-user.info*
+%{prefix}/bin/ftp
+%{prefix}/man/man1/ftp.1*
+%{prefix}/bin/gss-client
+%{prefix}/bin/kdestroy
+%{prefix}/man/man1/kdestroy.1*
+%{prefix}/man/man1/kerberos.1*
+%{prefix}/bin/kinit
+%{prefix}/man/man1/kinit.1*
+%{prefix}/bin/klist
+%{prefix}/man/man1/klist.1*
+%{prefix}/bin/kpasswd
+%{prefix}/man/man1/kpasswd.1*
+%{prefix}/bin/krb524init
+%{prefix}/sbin/kadmin
+%{prefix}/man/man8/kadmin.8*
+%{prefix}/sbin/ktutil
+%{prefix}/man/man8/ktutil.8*
+%attr(0755,root,root) %{prefix}/bin/ksu
+%{prefix}/man/man1/ksu.1*
+%{prefix}/bin/kvno
+%{prefix}/man/man1/kvno.1*
+%{prefix}/bin/rcp
+%{prefix}/man/man1/rcp.1*
+%{prefix}/bin/krlogin
+%{prefix}/bin/rlogin
+%{prefix}/man/man1/rlogin.1*
+%{prefix}/bin/krsh
+%{prefix}/bin/rsh
+%{prefix}/man/man1/rsh.1*
+%{prefix}/bin/telnet
+%{prefix}/man/man1/telnet.1*
+%{prefix}/man/man1/tmac.doc*
+%attr(0755,root,root) %{prefix}/bin/v4rcp
+%{prefix}/man/man1/v4rcp.1*
+%{prefix}/bin/v5passwd
+%{prefix}/man/man1/v5passwd.1*
+%{prefix}/bin/sim_client
+%{prefix}/bin/uuclient
+%{prefix}/sbin/login.krb5
+%{prefix}/man/man8/login.krb5.8*
+%{prefix}/sbin/ftpd
+%{prefix}/man/man8/ftpd.8*
+%{prefix}/sbin/gss-server
+%{prefix}/sbin/klogind
+%{prefix}/man/man8/klogind.8*
+%{prefix}/sbin/kshd
+%{prefix}/man/man8/kshd.8*
+%{prefix}/sbin/telnetd
+%{prefix}/man/man8/telnetd.8*
+%{prefix}/sbin/uuserver
+%{prefix}/man/man5/.k5login.5*
+%{prefix}/man/man5/krb5.conf.5*
+
+%files server
+%defattr(-,root,root)
+
+%config /etc/rc.d/init.d/krb5kdc
+%config /etc/rc.d/init.d/kadmin
+%config /etc/rc.d/init.d/krb524
+%config /etc/rc.d/init.d/kprop
+
+%doc doc/admin*.ps.gz doc/admin*.html
+%doc doc/krb425*.ps.gz doc/krb425*.html
+%doc doc/install*.ps.gz doc/install*.html
+
+%{_infodir}/krb5-admin.info*
+%{_infodir}/krb5-install.info*
+%{_infodir}/krb425.info*
+
+%dir %{_var}/kerberos/krb5kdc
+%config(noreplace) %{_var}/kerberos/krb5kdc/kdc.conf
+%config(noreplace) %{_var}/kerberos/krb5kdc/kadm5.acl
+
+%{prefix}/man/man5/kdc.conf.5*
+%{prefix}/sbin/kadmin.local
+%{prefix}/man/man8/kadmin.local.8*
+%{prefix}/sbin/kadmind
+%{prefix}/man/man8/kadmind.8*
+%{prefix}/sbin/kadmind4
+%{prefix}/sbin/kdb5_util
+%{prefix}/man/man8/kdb5_util.8*
+%{prefix}/sbin/kprop
+%{prefix}/man/man8/kprop.8*
+%{prefix}/sbin/kpropd
+%{prefix}/man/man8/kpropd.8*
+%{prefix}/sbin/krb5-send-pr
+%{prefix}/man/man1/krb5-send-pr.1*
+%{prefix}/sbin/krb524d
+%{prefix}/sbin/krb5kdc
+%{prefix}/man/man8/krb5kdc.8*
+%{prefix}/sbin/sim_server
+%{prefix}/sbin/v5passwdd
+# This is here for people who want to test their server, and also 
+# included in devel package for similar reasons.
+%{prefix}/bin/sclient
+%{prefix}/man/man1/sclient.1*
+%{prefix}/sbin/sserver
+%{prefix}/man/man8/sserver.8*
+
+%files libs
+%defattr(-,root,root)
+%{prefix}/lib/lib*.so.*.*
+%config /etc/rc.d/init.d/kdcrotate
+%config(noreplace) /etc/krb5.conf
+
+%files devel
+%defattr(-,root,root)
+%doc doc/api
+%doc doc/implement
+%doc doc/kadm5
+%doc doc/kadmin
+%doc doc/krb5-protocol
+%doc doc/rpc
+%{prefix}/include
+%{prefix}/lib/lib*.a
+%{prefix}/lib/lib*.so
+%{prefix}/bin/sclient
+%{prefix}/man/man1/sclient.1*
+%{prefix}/sbin/sserver
+%{prefix}/man/man8/sserver.8*
+
+%clean
+[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
--- a/krb524d.init
+++ b/krb524d.init
@ -0,0 +1,69 @@
+#!/bin/sh
+#
+# krb524       Start and stop the krb524 service.
+#
+# chkconfig:   - 35 65
+# description: Kerberos 5 is a trusted third-party authentication system.  \
+#	       This script starts and stops krb524d, which converts \
+#              Kerberos 5 credentials to Kerberos IV credentials.
+# processname: krb524d
+#
+
+# Get config.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 0
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+RETVAL=0
+
+# Sheel functions to cut down on useless shell instances.
+start() {
+  	if [ ! -f /var/kerberos/krb5kdc/principal ] ; then
+	    exit 0
+	fi
+	echo -n "Starting Kerberos 5-to-4 Server:"
+	daemon /usr/kerberos/sbin/krb524d -m
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && touch /var/lock/subsys/krb524
+}
+stop() {
+	echo -n "Stopping Kerberos 5-to-4 Server:"
+	killproc krb524d
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && rm -f /var/lock/subsys/krb524
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart)
+	stop
+	start
+	;;
+  status)
+	status krb524d
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/krb524 ] ; then
+		stop
+		start
+	fi
+	;;
+  *)
+	echo "Usage: $0 {start|stop|status|restart|condrestart}"
+	RETVAL=1
+	;;
+esac
+
+exit $RETVAL
--- a/krb5kdc.init
+++ b/krb5kdc.init
@ -0,0 +1,69 @@
+#!/bin/sh
+#
+# krb5kdc      Start and stop the Kerberos 5 servers.
+#
+# chkconfig:   - 35 65
+# description: Kerberos 5 is a trusted third-party authentication system.  \
+#	       This script starts and stops the server that Kerberos IV and 5 \
+#	       clients need to connect to in order to obtain credentials.
+# processname: krb5kdc
+#
+
+# Get config.
+. /etc/sysconfig/network
+
+# Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 0
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+RETVAL=0
+
+# Sheel functions to cut down on useless shell instances.
+start() {
+  	if [ ! -f /var/kerberos/krb5kdc/principal ] ; then
+	    exit 0
+	fi
+	echo -n "Starting Kerberos 5 KDC:"
+	daemon /usr/kerberos/sbin/krb5kdc
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && touch /var/lock/subsys/krb5kdc
+}
+stop() {
+	echo -n "Stopping Kerberos 5 KDC:"
+	killproc krb5kdc
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && rm -f /var/lock/subsys/krb5kdc
+}
+
+# See how we were called.
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  restart)
+	stop
+	start
+	;;
+  status)
+	status krb5kdc
+	;;
+  condrestart)
+	if [ -f /var/lock/subsys/krb5kdc ] ; then
+		stop
+		start
+	fi
+	;;
+  *)
+	echo "Usage: $0 {start|stop|status|restart|condrestart}"
+	RETVAL=1
+	;;
+esac
+
+exit $RETVAL
--- a/1
+++ b/1
@ -0,0 +1 @@
+/usr/kerberos/bin/rlogin -x $*
--- a/1
+++ b/1
@ -0,0 +1 @@
+/usr/kerberos/bin/rsh -x $*
--- a/kshell.xinetd
+++ b/kshell.xinetd
@ -0,0 +1,13 @@
+# default: off
+# description: The kerberized rshell server accepts rshell commands \
+#              authenticated and encrypted with Kerberos 5.
+service kshell
+{
+	flags		= REUSE
+	socket_type	= stream        
+	wait		= no
+	user		= root
+	server		= /usr/kerberos/sbin/kshd
+	server_args	= -e -5
+	disable		= yes
+}
--- a/1
+++ b/1
@ -0,0 +1 @@
+a20d10cd42e0fdd0a3c825e0a1e2e08a  krb5-1.2.1.tar
				`@ -0,0 +1 @@`
				`a20d10cd42e0fdd0a3c825e0a1e2e08a krb5-1.2.1.tar`