diff options
author | Nalin Dahyabhai <nalin@fedoraproject.org> | 2005-02-24 23:16:08 +0000 |
---|---|---|
committer | Nalin Dahyabhai <nalin@fedoraproject.org> | 2005-02-24 23:16:08 +0000 |
commit | 708fedd9ea5c0d1cefe5c3f6be417d56017d6051 (patch) | |
tree | 9c547ef1e6b6261aaa48ba60e0cef45f664be894 | |
parent | e7236e5850268bffb4cd4effc70745cd78c7acff (diff) | |
download | krb5-708fedd9ea5c0d1cefe5c3f6be417d56017d6051.tar.gz krb5-708fedd9ea5c0d1cefe5c3f6be417d56017d6051.tar.xz krb5-708fedd9ea5c0d1cefe5c3f6be417d56017d6051.zip |
- update to 1.4
- v1.4 kadmin client requires a v1.4 kadmind on the server, or use the "-O"
flag to specify that it should communicate with the server using the
older protocol
- new libkrb5support library
- v5passwdd and kadmind4 are gone
- versioned symbols
- pick up $KRB5KDC_ARGS from /etc/sysconfig/krb5kdc, if it exists, and pass
it on to krb5kdc
- pick up $KADMIND_ARGS from /etc/sysconfig/kadmin, if it exists, and pass
it on to kadmind
- pick up $KRB524D_ARGS from /etc/sysconfig/krb524, if it exists, and pass
it on to krb524d *instead of* "-m"
- set "forwardable" in [libdefaults] in the default krb5.conf to match the
default setting which we supply for pam_krb5
- set a default of 24h for "ticket_lifetime" in [libdefaults], reflecting
the compiled-in default
-rw-r--r-- | .cvsignore | 2 | ||||
-rw-r--r-- | kadmin.sysconfig | 1 | ||||
-rwxr-xr-x | kadmind.init | 5 | ||||
-rw-r--r-- | krb5-1.4-ktany.patch | 344 | ||||
-rw-r--r-- | krb5-1.4-null.patch | 33 | ||||
-rw-r--r-- | krb5.conf | 2 | ||||
-rw-r--r-- | krb5.spec | 54 | ||||
-rw-r--r-- | krb524.sysconfig | 1 | ||||
-rwxr-xr-x | krb524d.init | 5 | ||||
-rwxr-xr-x | krb5kdc.init | 5 | ||||
-rw-r--r-- | krb5kdc.sysconfig | 1 | ||||
-rw-r--r-- | sources | 4 |
12 files changed, 436 insertions, 21 deletions
@@ -3,3 +3,5 @@ krb5-1.3.5.tar.gz krb5-1.3.5.tar.gz.asc krb5-1.3.6.tar.gz krb5-1.3.6.tar.gz.asc +krb5-1.4.tar.gz +krb5-1.4.tar.gz.asc diff --git a/kadmin.sysconfig b/kadmin.sysconfig new file mode 100644 index 0000000..fa72039 --- /dev/null +++ b/kadmin.sysconfig @@ -0,0 +1 @@ +KADMIND_ARGS= diff --git a/kadmind.init b/kadmind.init index 13cb1ac..45e9e98 100755 --- a/kadmind.init +++ b/kadmind.init @@ -16,6 +16,9 @@ # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 +# Get config. +[ -r /etc/sysconfig/kadmin ] && . /etc/sysconfig/kadmin + # Source function library. . /etc/init.d/functions prog="Kerberos 5 Admin Server" @@ -38,7 +41,7 @@ start() { fi fi echo -n $"Starting $prog: " - daemon ${kadmind} + daemon ${kadmind} $KADMIND_ARGS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/kadmin diff --git a/krb5-1.4-ktany.patch b/krb5-1.4-ktany.patch new file mode 100644 index 0000000..dc39a63 --- /dev/null +++ b/krb5-1.4-ktany.patch @@ -0,0 +1,344 @@ +--- krb5-1.4/src/lib/krb5/keytab/ktbase.c.ktany 2004-05-27 23:44:32.000000000 -0400 ++++ krb5-1.4/src/lib/krb5/keytab/ktbase.c 2005-02-18 11:01:18.000000000 -0500 +@@ -34,14 +34,19 @@ + extern const krb5_kt_ops krb5_ktf_ops; + extern const krb5_kt_ops krb5_ktf_writable_ops; + extern const krb5_kt_ops krb5_kts_ops; ++extern const krb5_kt_ops krb5_kta_ops; + + struct krb5_kt_typelist { + const krb5_kt_ops *ops; + const struct krb5_kt_typelist *next; + }; ++static struct krb5_kt_typelist krb5_kt_typelist_any = { ++ &krb5_kta_ops, ++ 0 ++}; + const static struct krb5_kt_typelist krb5_kt_typelist_wrfile = { + &krb5_ktf_writable_ops, +- 0 ++ &krb5_kt_typelist_any + }; + const static struct krb5_kt_typelist krb5_kt_typelist_file = { + &krb5_ktf_ops, +--- /dev/null 2005-02-18 05:27:12.242575752 -0500 ++++ krb5-1.4/src/lib/krb5/keytab/kt_any.c 2005-02-18 10:38:09.000000000 -0500 +@@ -0,0 +1,292 @@ ++/* ++ * lib/krb5/keytab/kt_any.c ++ * ++ * Copyright 1998, 1999 by the Massachusetts Institute of Technology. ++ * All Rights Reserved. ++ * ++ * Export of this software from the United States of America may ++ * require a specific license from the United States Government. ++ * It is the responsibility of any person or organization contemplating ++ * export to obtain such a license before exporting. ++ * ++ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and ++ * distribute this software and its documentation for any purpose and ++ * without fee is hereby granted, provided that the above copyright ++ * notice appear in all copies and that both that copyright notice and ++ * this permission notice appear in supporting documentation, and that ++ * the name of M.I.T. not be used in advertising or publicity pertaining ++ * to distribution of the software without specific, written prior ++ * permission. M.I.T. makes no representations about the suitability of ++ * this software for any purpose. It is provided "as is" without express ++ * or implied warranty. ++ * ++ * ++ * krb5_kta_ops ++ */ ++ ++#include "k5-int.h" ++ ++typedef struct _krb5_ktany_data { ++ char *name; ++ krb5_keytab *choices; ++ int nchoices; ++} krb5_ktany_data; ++ ++typedef struct _krb5_ktany_cursor_data { ++ int which; ++ krb5_kt_cursor cursor; ++} krb5_ktany_cursor_data; ++ ++static krb5_error_code krb5_ktany_resolve ++ (krb5_context, ++ const char *, ++ krb5_keytab *); ++static krb5_error_code krb5_ktany_get_name ++ (krb5_context context, ++ krb5_keytab id, ++ char *name, ++ unsigned int len); ++static krb5_error_code krb5_ktany_close ++ (krb5_context context, ++ krb5_keytab id); ++static krb5_error_code krb5_ktany_get_entry ++ (krb5_context context, ++ krb5_keytab id, ++ krb5_const_principal principal, ++ krb5_kvno kvno, ++ krb5_enctype enctype, ++ krb5_keytab_entry *entry); ++static krb5_error_code krb5_ktany_start_seq_get ++ (krb5_context context, ++ krb5_keytab id, ++ krb5_kt_cursor *cursorp); ++static krb5_error_code krb5_ktany_next_entry ++ (krb5_context context, ++ krb5_keytab id, ++ krb5_keytab_entry *entry, ++ krb5_kt_cursor *cursor); ++static krb5_error_code krb5_ktany_end_seq_get ++ (krb5_context context, ++ krb5_keytab id, ++ krb5_kt_cursor *cursor); ++static void cleanup ++ (krb5_context context, ++ krb5_ktany_data *data, ++ int nchoices); ++ ++struct _krb5_kt_ops krb5_kta_ops = { ++ 0, ++ "ANY", /* Prefix -- this string should not appear anywhere else! */ ++ krb5_ktany_resolve, ++ krb5_ktany_get_name, ++ krb5_ktany_close, ++ krb5_ktany_get_entry, ++ krb5_ktany_start_seq_get, ++ krb5_ktany_next_entry, ++ krb5_ktany_end_seq_get, ++ 0, ++ 0, ++ 0 ++}; ++ ++static krb5_error_code ++krb5_ktany_resolve(context, name, id) ++ krb5_context context; ++ const char *name; ++ krb5_keytab *id; ++{ ++ const char *p, *q; ++ char *copy; ++ krb5_error_code kerror; ++ krb5_ktany_data *data; ++ int i; ++ ++ /* Allocate space for our data and remember a copy of the name. */ ++ if ((data = (krb5_ktany_data *)malloc(sizeof(krb5_ktany_data))) == NULL) ++ return(ENOMEM); ++ if ((data->name = (char *)malloc(strlen(name) + 1)) == NULL) { ++ krb5_xfree(data); ++ return(ENOMEM); ++ } ++ strcpy(data->name, name); ++ ++ /* Count the number of choices and allocate memory for them. */ ++ data->nchoices = 1; ++ for (p = name; (q = strchr(p, ',')) != NULL; p = q + 1) ++ data->nchoices++; ++ if ((data->choices = (krb5_keytab *) ++ malloc(data->nchoices * sizeof(krb5_keytab))) == NULL) { ++ krb5_xfree(data->name); ++ krb5_xfree(data); ++ return(ENOMEM); ++ } ++ ++ /* Resolve each of the choices. */ ++ i = 0; ++ for (p = name; (q = strchr(p, ',')) != NULL; p = q + 1) { ++ /* Make a copy of the choice name so we can terminate it. */ ++ if ((copy = (char *)malloc(q - p + 1)) == NULL) { ++ cleanup(context, data, i); ++ return(ENOMEM); ++ } ++ memcpy(copy, p, q - p); ++ copy[q - p] = 0; ++ ++ /* Try resolving the choice name. */ ++ kerror = krb5_kt_resolve(context, copy, &data->choices[i]); ++ krb5_xfree(copy); ++ if (kerror) { ++ cleanup(context, data, i); ++ return(kerror); ++ } ++ i++; ++ } ++ if ((kerror = krb5_kt_resolve(context, p, &data->choices[i]))) { ++ cleanup(context, data, i); ++ return(kerror); ++ } ++ ++ /* Allocate and fill in an ID for the caller. */ ++ if ((*id = (krb5_keytab)malloc(sizeof(**id))) == NULL) { ++ cleanup(context, data, i); ++ return(ENOMEM); ++ } ++ (*id)->ops = &krb5_kta_ops; ++ (*id)->data = (krb5_pointer)data; ++ (*id)->magic = KV5M_KEYTAB; ++ ++ return(0); ++} ++ ++static krb5_error_code ++krb5_ktany_get_name(context, id, name, len) ++ krb5_context context; ++ krb5_keytab id; ++ char *name; ++ unsigned int len; ++{ ++ krb5_ktany_data *data = (krb5_ktany_data *)id->data; ++ ++ if (len < strlen(data->name) + 1) ++ return(KRB5_KT_NAME_TOOLONG); ++ strcpy(name, data->name); ++ return(0); ++} ++ ++static krb5_error_code ++krb5_ktany_close(context, id) ++ krb5_context context; ++ krb5_keytab id; ++{ ++ krb5_ktany_data *data = (krb5_ktany_data *)id->data; ++ ++ cleanup(context, data, data->nchoices); ++ id->ops = 0; ++ krb5_xfree(id); ++ return(0); ++} ++ ++static krb5_error_code ++krb5_ktany_get_entry(context, id, principal, kvno, enctype, entry) ++ krb5_context context; ++ krb5_keytab id; ++ krb5_const_principal principal; ++ krb5_kvno kvno; ++ krb5_enctype enctype; ++ krb5_keytab_entry *entry; ++{ ++ krb5_ktany_data *data = (krb5_ktany_data *)id->data; ++ krb5_error_code kerror = KRB5_KT_NOTFOUND; ++ int i; ++ ++ for (i = 0; i < data->nchoices; i++) { ++ if ((kerror = krb5_kt_get_entry(context, data->choices[i], principal, ++ kvno, enctype, entry)) != ENOENT) ++ return kerror; ++ } ++ return kerror; ++} ++ ++static krb5_error_code ++krb5_ktany_start_seq_get(context, id, cursorp) ++ krb5_context context; ++ krb5_keytab id; ++ krb5_kt_cursor *cursorp; ++{ ++ krb5_ktany_data *data = (krb5_ktany_data *)id->data; ++ krb5_ktany_cursor_data *cdata; ++ krb5_error_code kerror = ENOENT; ++ int i; ++ ++ if ((cdata = (krb5_ktany_cursor_data *) ++ malloc(sizeof(krb5_ktany_cursor_data))) == NULL) ++ return(ENOMEM); ++ ++ /* Find a choice which can handle the serialization request. */ ++ for (i = 0; i < data->nchoices; i++) { ++ if ((kerror = krb5_kt_start_seq_get(context, data->choices[i], ++ &cdata->cursor)) == 0) ++ break; ++ else if (kerror != ENOENT) { ++ krb5_xfree(cdata); ++ return(kerror); ++ } ++ } ++ ++ if (i == data->nchoices) { ++ /* Everyone returned ENOENT, so no go. */ ++ krb5_xfree(cdata); ++ return(kerror); ++ } ++ ++ cdata->which = i; ++ *cursorp = (krb5_kt_cursor)cdata; ++ return(0); ++} ++ ++static krb5_error_code ++krb5_ktany_next_entry(context, id, entry, cursor) ++ krb5_context context; ++ krb5_keytab id; ++ krb5_keytab_entry *entry; ++ krb5_kt_cursor *cursor; ++{ ++ krb5_ktany_data *data = (krb5_ktany_data *)id->data; ++ krb5_ktany_cursor_data *cdata = (krb5_ktany_cursor_data *)*cursor; ++ krb5_keytab choice_id; ++ ++ choice_id = data->choices[cdata->which]; ++ return(krb5_kt_next_entry(context, choice_id, entry, &cdata->cursor)); ++} ++ ++static krb5_error_code ++krb5_ktany_end_seq_get(context, id, cursor) ++ krb5_context context; ++ krb5_keytab id; ++ krb5_kt_cursor *cursor; ++{ ++ krb5_ktany_data *data = (krb5_ktany_data *)id->data; ++ krb5_ktany_cursor_data *cdata = (krb5_ktany_cursor_data *)*cursor; ++ krb5_keytab choice_id; ++ krb5_error_code kerror; ++ ++ choice_id = data->choices[cdata->which]; ++ kerror = krb5_kt_end_seq_get(context, choice_id, &cdata->cursor); ++ krb5_xfree(cdata); ++ return(kerror); ++} ++ ++static void ++cleanup(context, data, nchoices) ++ krb5_context context; ++ krb5_ktany_data *data; ++ int nchoices; ++{ ++ int i; ++ ++ krb5_xfree(data->name); ++ for (i = 0; i < nchoices; i++) ++ krb5_kt_close(context, data->choices[i]); ++ krb5_xfree(data->choices); ++ krb5_xfree(data); ++} +--- krb5-1.4/src/lib/krb5/keytab/Makefile.in.ktany 2004-05-27 23:44:32.000000000 -0400 ++++ krb5-1.4/src/lib/krb5/keytab/Makefile.in 2005-02-18 10:38:09.000000000 -0500 +@@ -14,6 +14,7 @@ + ktfr_entry.o \ + ktremove.o \ + ktfns.o \ ++ kt_any.o \ + kt_file.o \ + kt_srvtab.o \ + read_servi.o +@@ -25,6 +26,7 @@ + $(OUTPRE)ktfr_entry.$(OBJEXT) \ + $(OUTPRE)ktremove.$(OBJEXT) \ + $(OUTPRE)ktfns.$(OBJEXT) \ ++ $(OUTPRE)kt_any.$(OBJEXT) \ + $(OUTPRE)kt_file.$(OBJEXT) \ + $(OUTPRE)kt_srvtab.$(OBJEXT) \ + $(OUTPRE)read_servi.$(OBJEXT) +@@ -36,6 +38,7 @@ + $(srcdir)/ktfr_entry.c \ + $(srcdir)/ktremove.c \ + $(srcdir)/ktfns.c \ ++ $(srcdir)/kt_any.c \ + $(srcdir)/kt_file.c \ + $(srcdir)/kt_srvtab.c \ + $(srcdir)/read_servi.c diff --git a/krb5-1.4-null.patch b/krb5-1.4-null.patch new file mode 100644 index 0000000..d1e6833 --- /dev/null +++ b/krb5-1.4-null.patch @@ -0,0 +1,33 @@ +Screen out interfaces which have no address in foreach_localaddr(). (Per man +pages for OpenBSD and OS/X, they are legal.) If it doesn't have an address, +the functions which call this function (src/kdc/network.c, which wants to +listen on the interfaces, and src/lib/krb5/os/localaddr.c, which just wants a +list of local addresses), have no use for it anyway. + +This is slightly different than the fix proposed by Paul Jakma at +http://mailman.mit.edu/pipermail/krb5-bugs/2004-January/002152.html, but is +more or less equivalent. + +Don't worry, printifaddr() already checks that ifp->ifa_addr != NULL before +printing it. + +--- krb5-1.4/src/lib/krb5/os/localaddr.c 2005-02-18 11:20:52.000000000 -0500 ++++ krb5-1.4/src/lib/krb5/os/localaddr.c 2005-02-18 11:23:52.000000000 -0500 +@@ -435,6 +435,8 @@ + #ifdef DEBUG + printifaddr (ifp); + #endif ++ if (ifp->ifa_addr == NULL) ++ continue; + if ((ifp->ifa_flags & IFF_UP) == 0) + continue; + if (ifp->ifa_flags & IFF_LOOPBACK) { +@@ -458,6 +460,8 @@ + /* If this address is a duplicate, punt. */ + match = 0; + for (ifp2 = ifp_head; ifp2 && ifp2 != ifp; ifp2 = ifp2->ifa_next) { ++ if (ifp2->ifa_addr == NULL) ++ continue; + if ((ifp2->ifa_flags & IFF_UP) == 0) + continue; + if (ifp2->ifa_flags & IFF_LOOPBACK) @@ -7,6 +7,8 @@ default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = false + ticket_lifetime = 24h + forwardable = yes [realms] EXAMPLE.COM = { @@ -6,10 +6,10 @@ Summary: The Kerberos network authentication system. Name: krb5 -Version: 1.3.6 -Release: 3 +Version: 1.4 +Release: 1 # Maybe we should explode from the now-available-to-everybody tarball instead? -# http://web.mit.edu/kerberos/www/dist/krb5/1.3/krb5-1.3.5.tar +# http://web.mit.edu/kerberos/dist/krb5/1.4/krb5-1.4-signed.tar Source0: krb5-%{version}.tar.gz Source1: krb5-%{version}.tar.gz.asc Source2: kpropd.init @@ -29,6 +29,9 @@ Source15: klogin.xinetd Source16: kshell.xinetd Source17: krb5-telnet.xinetd Source18: gssftp.xinetd +Source19: krb5kdc.sysconfig +Source20: kadmin.sysconfig +Source21: krb524.sysconfig Patch0: krb5-1.3-gcc33.patch Patch1: krb5-1.3-info-dir.patch @@ -39,19 +42,18 @@ Patch5: krb5-1.3-ksu-access.patch Patch6: krb5-1.3-ksu-path.patch Patch9: krb5-1.1.1-brokenrev.patch Patch11: krb5-1.2.1-passive.patch -Patch12: krb5-1.3-ktany.patch +Patch12: krb5-1.4-ktany.patch Patch13: krb5-1.3-large-file.patch Patch14: krb5-1.3-ftp-glob.patch Patch15: krb5-1.3-check.patch Patch16: krb5-1.3.3-no-rpath.patch Patch17: krb5-1.3-pass-by-address.patch Patch18: krb5-1.2.7-reject-bad-transited.patch -Patch20: krb5-1.3.1-varargs.patch Patch21: krb5-selinux.patch Patch22: krb5-1.3.1-32.patch Patch23: krb5-1.3.1-dns.patch -Patch24: krb5-1.3.1-server-sort.patch -Patch25: krb5-1.3.1-null.patch +Patch24: krb5-1.4-server-sort.patch +Patch25: krb5-1.4-null.patch Patch26: krb5-1.3.2-efence.patch Patch27: krb5-1.3.3-rcp-sendlarge.patch Patch28: krb5-1.3.5-gethostbyname_r.patch @@ -122,6 +124,25 @@ network uses Kerberos, this package should be installed on every workstation. %changelog +* Thu Feb 24 2005 Nalin Dahyabhai <nalin@redhat.com> 1.4-1 +- update to 1.4 + - v1.4 kadmin client requires a v1.4 kadmind on the server, or use the "-O" + flag to specify that it should communicate with the server using the older + protocol + - new libkrb5support library + - v5passwdd and kadmind4 are gone + - versioned symbols +- pick up $KRB5KDC_ARGS from /etc/sysconfig/krb5kdc, if it exists, and pass + it on to krb5kdc +- pick up $KADMIND_ARGS from /etc/sysconfig/kadmin, if it exists, and pass + it on to kadmind +- pick up $KRB524D_ARGS from /etc/sysconfig/krb524, if it exists, and pass + it on to krb524d *instead of* "-m" +- set "forwardable" in [libdefaults] in the default krb5.conf to match the + default setting which we supply for pam_krb5 +- set a default of 24h for "ticket_lifetime" in [libdefaults], reflecting the + compiled-in default + * Mon Dec 20 2004 Nalin Dahyabhai <nalin@redhat.com> 1.3.6-3 - rebuild @@ -748,7 +769,7 @@ workstation. - added --force to makeinfo commands to skip errors during build %prep -%setup -q -n %{name}-%{version} +%setup -q # No longer necessary with e2fsprogs >= 1.35, it seems. # %patch0 -p1 -b .gcc33 %patch1 -p1 -b .info-dir @@ -767,7 +788,6 @@ workstation. # Hopefully no longer needed to work around compiler bug. # %patch17 -p1 -b .pass-by-address %patch18 -p1 -b .reject-bad-transited -%patch20 -p1 -b .varargs %if %{WITH_SELINUX} %patch21 -p1 -b .selinux %endif @@ -857,9 +877,10 @@ install -m 755 $RPM_SOURCE_DIR/krb5kdc.init $RPM_BUILD_ROOT/etc/rc.d/init.d/krb5 install -m 755 $RPM_SOURCE_DIR/kadmind.init $RPM_BUILD_ROOT/etc/rc.d/init.d/kadmin install -m 755 $RPM_SOURCE_DIR/kpropd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/kprop install -m 755 $RPM_SOURCE_DIR/krb524d.init $RPM_BUILD_ROOT/etc/rc.d/init.d/krb524 -# There are better ways to balance the load, and writing policy for this -# script is painful. -#install -m 755 $RPM_SOURCE_DIR/kdcrotate $RPM_BUILD_ROOT/etc/rc.d/init.d/ +mkdir -p $RPM_BUILD_ROOT/etc/sysconfig +install -m 644 $RPM_SOURCE_DIR/krb5kdc.sysconfig $RPM_BUILD_ROOT/etc/sysconfig/krb5kdc +install -m 644 $RPM_SOURCE_DIR/kadmin.sysconfig $RPM_BUILD_ROOT/etc/sysconfig/kadmin +install -m 644 $RPM_SOURCE_DIR/krb524.sysconfig $RPM_BUILD_ROOT/etc/sysconfig/krb524 # Xinetd configuration files. mkdir -p $RPM_BUILD_ROOT/etc/xinetd.d/ @@ -993,8 +1014,6 @@ fi %{krb5prefix}/man/man1/tmac.doc* %attr(0755,root,root) %{krb5prefix}/bin/v4rcp %{krb5prefix}/man/man1/v4rcp.1* -%{krb5prefix}/bin/v5passwd -%{krb5prefix}/man/man1/v5passwd.1* %{krb5prefix}/bin/sim_client %{krb5prefix}/bin/uuclient %{krb5prefix}/sbin/login.krb5 @@ -1021,6 +1040,9 @@ fi %config /etc/rc.d/init.d/kadmin %config /etc/rc.d/init.d/krb524 %config /etc/rc.d/init.d/kprop +%config(noreplace) /etc/sysconfig/krb5kdc +%config(noreplace) /etc/sysconfig/kadmin +%config(noreplace) /etc/sysconfig/krb524 %doc doc/admin*.ps.gz doc/krb5-admin*.html %doc doc/krb425*.ps.gz doc/krb425*.html @@ -1048,7 +1070,6 @@ fi %{krb5prefix}/man/man8/kadmin.local.8* %{krb5prefix}/sbin/kadmind %{krb5prefix}/man/man8/kadmind.8* -%{krb5prefix}/sbin/kadmind4 %{krb5prefix}/sbin/kdb5_util %{krb5prefix}/man/man8/kdb5_util.8* %{krb5prefix}/sbin/kprop @@ -1056,10 +1077,10 @@ fi %{krb5prefix}/sbin/kpropd %{krb5prefix}/man/man8/kpropd.8* %{krb5prefix}/sbin/krb524d +%{krb5prefix}/man/man8/krb524d.8* %{krb5prefix}/sbin/krb5kdc %{krb5prefix}/man/man8/krb5kdc.8* %{krb5prefix}/sbin/sim_server -%{krb5prefix}/sbin/v5passwdd # This is here for people who want to test their server, and also # included in devel package for similar reasons. %{krb5prefix}/bin/sclient @@ -1100,6 +1121,7 @@ fi %{krb5prefix}/bin/krb5-config %{krb5prefix}/bin/sclient +%{krb5prefix}/man/man1/krb5-config.1* %{krb5prefix}/man/man1/sclient.1* %{krb5prefix}/man/man8/sserver.8* %{krb5prefix}/sbin/sserver diff --git a/krb524.sysconfig b/krb524.sysconfig new file mode 100644 index 0000000..bb6bc9e --- /dev/null +++ b/krb524.sysconfig @@ -0,0 +1 @@ +KRB524D_ARGS=-m diff --git a/krb524d.init b/krb524d.init index 05e3752..51b03a3 100755 --- a/krb524d.init +++ b/krb524d.init @@ -15,6 +15,9 @@ # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 +# Get config. +[ -r /etc/sysconfig/krb524 ] && . /etc/sysconfig/krb524 + # Source function library. . /etc/rc.d/init.d/functions @@ -28,7 +31,7 @@ start() { exit 0 fi echo -n $"Starting $prog: " - daemon ${krb524d} -m + daemon ${krb524d} ${KRB524D_ARGS:--m} RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/krb524 diff --git a/krb5kdc.init b/krb5kdc.init index 2d15279..c464a86 100755 --- a/krb5kdc.init +++ b/krb5kdc.init @@ -15,6 +15,9 @@ # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 +# Get config. +[ -r /etc/sysconfig/krb5kdc ] && . /etc/sysconfig/krb5kdc + # Source function library. . /etc/rc.d/init.d/functions @@ -28,7 +31,7 @@ start() { exit 0 fi echo -n $"Starting $prog: " - daemon ${krb5kdc} + daemon ${krb5kdc} $KRB5KDC_ARGS RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/krb5kdc diff --git a/krb5kdc.sysconfig b/krb5kdc.sysconfig new file mode 100644 index 0000000..791216d --- /dev/null +++ b/krb5kdc.sysconfig @@ -0,0 +1 @@ +KRB5KDC_ARGS= @@ -1,2 +1,2 @@ -7974d0fc413802712998d5fc5eec2919 krb5-1.3.6.tar.gz -d1f7009dbdefb81af13da3777feb9a09 krb5-1.3.6.tar.gz.asc +64f54aaf2f791bc2d689e3ce07874116 krb5-1.4.tar.gz +c46d18bf4c643692ee2bdac13b52ff95 krb5-1.4.tar.gz.asc |