>>>>> "Andreas" == Andreas B Mundt <andi.mu...@web.de> writes:
Andreas> If, for some reason, it is not desired to change the boot
Andreas> ordering for kdc in general, there should be a correct
Andreas> ordering as soon as you install krb5-kdc-ldap.
This is messy. The problem is that you might well want to use Kerberos
for LDAP authentication--for example for one LDAP replica to talk to
another. Your LDAP server may not be on the same machine as your
Kerberos server.
I'd be interested in patches to do any of the following in decreasing
order of preference:
1) Periodically reconnect to LDAP if LDAP is unavailable--upstream
patch
2) If krb5-kdc-ldap is installed ask a medium priority debconf question
with default yes about whether kdc should come before ldap (and act
appropriately)
3) Ask a medium priority debconf question with default yes about whether
krb5kdc should come before ldap (ignoring the krb5-kdc-ldap package
entirely)
Any change to the boot order should work both with classic ordering and
dependency-based ordering. I'm happy to review patches or discuss
design directions; I do not have time to implement one of the proposed
patches above.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
