[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Turning off hostname canonicalisation
>Ken has choosen to treat the krb5.conf file as the configuration file
>for applications he bundles with Kerberos. The choice of options that
>he uses are a site local issue provided that they do not conflict with
>the namespace used by the Kerberos libraries. I believe that all we
>need to do is document (whenever we get around to documenting anything)
>that [appdefault] is an unmanaged name space that does not impact the
>behavior of the Kerberos libraries when used by applications.
That's fine with me. I've explicitly tried not to put anything in
[appdefaults] that affects the behavior of the Kerberos library (in
fact, I am pretty sure that nothing that I have in krb5.conf affects
the behavior of the Kerberos library). I used to use some stuff that
would change default ticket lifetimes, but even that code wasn't parsed
by the Kerberos library, but instead by programs like kinit.