Here's a patch implementing the more ideal behavior I mentioned; having
two directives for a root-ccname, and a user one. I'm submitting this to
PADL, but I thought I should include it here, as well.
nss_ldap-rootccname.patch
Description: Binary data
* Andrew Deason ([EMAIL PROTECTED]) wrote:
Suppose I want to use krb5_ccname and SASL, so I can have a host
authenticate with its host principal from a keytab. However, I don't want
normal users to be able to read the host principal keytab; I just want
libnss-ldap to use their own kerberos
On Fri, 3 Nov 2006 21:12:38 -0500
Stephen Frost [EMAIL PROTECTED] wrote:
In general I like this idea but I'm not sure about its implementation.
It strikes me as rather excessive to attempt multiple binds in this
way and to cause that extra load on the server. Also, it may hide
I do agree
Package: libnss-ldap
Version: 251-5.2
Severity: normal
Tags: patch
Suppose I want to use krb5_ccname and SASL, so I can have a host
authenticate with its host principal from a keytab. However, I don't want
normal users to be able to read the host principal keytab; I just want
libnss-ldap to use
4 matches
Mail list logo
