[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: krb5 services override in krb5.conf?

On 3 Aug 2000, Assar Westerlund wrote:

> Derrick J Brashear <shadow@dementia.org> writes:
> > It would be nice if there were a way to override the use of getservbyname
> > for kerberos ports in /etc/krb5.conf, maybe something like
> > 
> > [ports]
> > 	kerberos = 88/tcp 88/udp
> > 	
> > etc.
> > 
> > Problem is we have legacy software which expects to find an entry which is
> > kerberos 750/udp
> > in services, and if you remove it, they simply don't work. But... our krb5
> > kdc isn't listening on 750, only on 88.
> I would really prefer not to.  Having krb5.conf act the same way as
> /etc/services but with different syntax seems just... non-optimal.  An
> according to IANA, 'kerberos 88/udp' (and tcp) is the correct
> assignment.

too bad they ignored people using kerberos 750/udp when they allocated

> a) What is the problem with your `legacy' software?

server on port 88 not kerb4

> b) Could you make your kdc listen to 750?

kaserver needs to continue listening on 750

> c) How large a bribe are you offering?

none. actually, i may be able to fix what i know about, make the change i
need, and tell other people they need to rebuild.