diff options
author | Simo Sorce <simo@redhat.com> | 2012-02-26 16:40:47 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2012-04-05 11:20:33 -0400 |
commit | cfbd12afad3fb232cbc214e1c47c2bf202ec5003 (patch) | |
tree | a83df9e410d858d23d2ac494079ebb57be5baba2 /proxy/examples | |
parent | 5286f86243c1a76f52a4ddb2f341f23762b068b5 (diff) | |
download | gss-proxy-cfbd12afad3fb232cbc214e1c47c2bf202ec5003.tar.gz gss-proxy-cfbd12afad3fb232cbc214e1c47c2bf202ec5003.tar.xz gss-proxy-cfbd12afad3fb232cbc214e1c47c2bf202ec5003.zip |
config: Rework configuration syntax
Keeping 2 separate sections for credentials and services seem to just make
things really confusing. The off chance of reusing a 'credential' section is
dwarfed by the confusion cause by keeping them separate. Having to copy a full
service section is not a big deal so KISS wins here.
Diffstat (limited to 'proxy/examples')
-rw-r--r-- | proxy/examples/gssproxy-example.conf | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/proxy/examples/gssproxy-example.conf b/proxy/examples/gssproxy-example.conf index 4806585..3894dd3 100644 --- a/proxy/examples/gssproxy-example.conf +++ b/proxy/examples/gssproxy-example.conf @@ -2,13 +2,18 @@ # socket = /var/lib/gssproxy/pipes/gp.socket -[credential/default] +[service/default] - mech = krb5 + mechs = krb5 krb5_keytab = /etc/krb5.keytab krb5_ccache = /run/user/%u/krb5cc - -[service/default] - - credentials = default + trusted = yes euid = 0 + +[service/gssproxy] + # socket = /x/y/z + mechs = krb5 + krb5_principal = gssproxy/foo.bar.org + krb5_keytab = /etc/gssproxy/gssproxy.keytab + krb5_ccache = /tmp/krb5cc_123 + euid = 123 |