From cfbd12afad3fb232cbc214e1c47c2bf202ec5003 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 26 Feb 2012 16:40:47 -0500 Subject: config: Rework configuration syntax Keeping 2 separate sections for credentials and services seem to just make things really confusing. The off chance of reusing a 'credential' section is dwarfed by the confusion cause by keeping them separate. Having to copy a full service section is not a big deal so KISS wins here. --- proxy/examples/gssproxy-example.conf | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'proxy/examples/gssproxy-example.conf') diff --git a/proxy/examples/gssproxy-example.conf b/proxy/examples/gssproxy-example.conf index 4806585..3894dd3 100644 --- a/proxy/examples/gssproxy-example.conf +++ b/proxy/examples/gssproxy-example.conf @@ -2,13 +2,18 @@ # socket = /var/lib/gssproxy/pipes/gp.socket -[credential/default] +[service/default] - mech = krb5 + mechs = krb5 krb5_keytab = /etc/krb5.keytab krb5_ccache = /run/user/%u/krb5cc - -[service/default] - - credentials = default + trusted = yes euid = 0 + +[service/gssproxy] + # socket = /x/y/z + mechs = krb5 + krb5_principal = gssproxy/foo.bar.org + krb5_keytab = /etc/gssproxy/gssproxy.keytab + krb5_ccache = /tmp/krb5cc_123 + euid = 123 -- cgit