diff options
author | Robbie Harwood (frozencemetery) <rharwood@redhat.com> | 2015-10-19 21:59:53 +0000 |
---|---|---|
committer | Robbie Harwood (frozencemetery) <rharwood@redhat.com> | 2015-10-19 23:01:44 +0000 |
commit | 9baef8fa8f8c277441af6e11746b43ef6089af87 (patch) | |
tree | 02d97bdf0a72d2ae5dbdae26329d9912240de04b | |
parent | 582b087130ee7aeb71fb38d3e4e630b84f72a972 (diff) | |
download | krb5-9baef8fa8f8c277441af6e11746b43ef6089af87.tar.gz krb5-9baef8fa8f8c277441af6e11746b43ef6089af87.tar.xz krb5-9baef8fa8f8c277441af6e11746b43ef6089af87.zip |
Start using crypto-policies
-rw-r--r-- | krb5.conf | 2 | ||||
-rw-r--r-- | krb5.spec | 7 |
2 files changed, 8 insertions, 1 deletions
@@ -1,3 +1,5 @@ +# To opt out of the system crypto-policies configuration of krb5, remove the +# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated. includedir /etc/krb5.conf.d/ [logging] @@ -43,7 +43,7 @@ Summary: The Kerberos network authentication system Name: krb5 Version: 1.14 -Release: 2%{?dist} +Release: 3%{?dist} # - Maybe we should explode from the now-available-to-everybody tarball instead? # http://web.mit.edu/kerberos/dist/krb5/1.13/krb5-1.13.2-signed.tar # - The sources below are stored in a lookaside cache. Upload with @@ -450,6 +450,7 @@ install -pm 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/krb5.conf # Default include on this directory mkdir -p $RPM_BUILD_ROOT/etc/krb5.conf.d +ln -sv /etc/crypto-policies/back-ends/krb5.conf $RPM_BUILD_ROOT/etc/krb5.conf.d/crypto-policies # Parent of configuration file for list of loadable GSS mechs ("mechs"). This # location is not relative to sysconfdir, but is hard-coded in g_initialize.c. @@ -796,6 +797,7 @@ exit 0 %dir /etc/gss/mech.d %dir /etc/krb5.conf.d %verify(not md5 size mtime) %config(noreplace) /etc/krb5.conf +%config(noreplace) /etc/krb5.conf.d/crypto-policies /%{_mandir}/man5/.k5identity.5* /%{_mandir}/man5/.k5login.5* /%{_mandir}/man5/k5identity.5* @@ -887,6 +889,9 @@ exit 0 %changelog +* Mon Oct 19 2015 Robbie Harwood <rharwood@redhat.com> - 1.14-beta1-3 +- Start using crypto-policies + * Mon Oct 19 2015 Robbie Harwood <rharwood@redhat.com> - 1.14-beta1-2 - TEMPORARILY disable usage of OFD locks as a workaround for x86 |