On ti, 31 tammi 2017, Florian Weimer wrote:
On 01/31/2017 02:38 PM, Jakub Hrozek wrote:
On Tue, Jan 31, 2017 at 02:36:12PM +0100, Florian Weimer wrote:
On 01/31/2017 10:36 AM, David Woodhouse wrote:
Please ensure this works with winbind. The switch to KEYRING: by
default didn't — pam_winbind w
On ti, 31 tammi 2017, David Woodhouse wrote:
On Tue, 2017-01-31 at 10:24 +0100, Jan Kurik wrote:
= System Wide Change: Kerberos KCM credential cache by default =
https://fedoraproject.org/wiki/Changes/KerberosKCMCache
Change owner(s):
* Jakub Hrozek
Default to a new Kerberos credential cache
On ti, 31 tammi 2017, Rex Dieter wrote:
Jan Kurik wrote:
F26 System Wide Change: Kerberos KCM credential cache by default
Hi, can you please consider changing the name of this change/feature to not
use "KCM". That's an acronym commonly used in kde/plasma for KDE Config
Mod
On ti, 31 tammi 2017, Jakub Hrozek wrote:
On Tue, Jan 31, 2017 at 09:47:05AM -0600, Rex Dieter wrote:
Jakub Hrozek wrote:
> On Tue, Jan 31, 2017 at 07:04:33AM -0600, Rex Dieter wrote:
>> Jan Kurik wrote:
>>
>> > F26 System Wide Change: Kerberos KCM credential cache by d
On Tue, Jan 31, 2017 at 09:47:05AM -0600, Rex Dieter wrote:
> Jakub Hrozek wrote:
>
> > On Tue, Jan 31, 2017 at 07:04:33AM -0600, Rex Dieter wrote:
> >> Jan Kurik wrote:
> >>
> >> > F26 System Wide Change: Kerberos KCM credential cache by default
>
Jakub Hrozek wrote:
> On Tue, Jan 31, 2017 at 07:04:33AM -0600, Rex Dieter wrote:
>> Jan Kurik wrote:
>>
>> > F26 System Wide Change: Kerberos KCM credential cache by default
>>
>> Hi, can you please consider changing the name of this change/feature to
>
On Tue, Jan 31, 2017 at 02:49:41PM +0100, Florian Weimer wrote:
> On 01/31/2017 02:38 PM, Jakub Hrozek wrote:
> > On Tue, Jan 31, 2017 at 02:36:12PM +0100, Florian Weimer wrote:
> > > On 01/31/2017 10:36 AM, David Woodhouse wrote:
> > > > Please ensure this works with winbind. The switch to KEYRING
On 01/31/2017 02:38 PM, Jakub Hrozek wrote:
On Tue, Jan 31, 2017 at 02:36:12PM +0100, Florian Weimer wrote:
On 01/31/2017 10:36 AM, David Woodhouse wrote:
Please ensure this works with winbind. The switch to KEYRING: by
default didn't — pam_winbind was putting creds in /tmp/krb5cc_$UID
still, a
On Tue, Jan 31, 2017 at 02:36:12PM +0100, Florian Weimer wrote:
> On 01/31/2017 10:36 AM, David Woodhouse wrote:
> > Please ensure this works with winbind. The switch to KEYRING: by
> > default didn't — pam_winbind was putting creds in /tmp/krb5cc_$UID
> > still, and then they weren't consistently
On Tue, Jan 31, 2017 at 07:04:33AM -0600, Rex Dieter wrote:
> Jan Kurik wrote:
>
> > F26 System Wide Change: Kerberos KCM credential cache by default
>
> Hi, can you please consider changing the name of this change/feature to not
> use "KCM". That's an acr
On 01/31/2017 10:36 AM, David Woodhouse wrote:
Please ensure this works with winbind. The switch to KEYRING: by
default didn't — pam_winbind was putting creds in /tmp/krb5cc_$UID
still, and then they weren't consistently being found there.
OpenJDK could be affected by this as well.
Thanks,
Flo
On Tue, 2017-01-31 at 13:37 +0100, Jakub Hrozek wrote:
>
> I'm not really well-versed with winbind, so honestly I'm not sure what
> limitation it has wrt Kerberos ccaches. Was this ever reported as a
> bug against winbind?
https://bugzilla.redhat.com/show_bug.cgi?id=985107 covers an older
variant
Jan Kurik wrote:
> F26 System Wide Change: Kerberos KCM credential cache by default
Hi, can you please consider changing the name of this change/feature to not
use "KCM". That's an acronym commonly used in kde/plasma for KDE Config
Module, e.g.
https://techbase.kde.org/Dev
On Tue, Jan 31, 2017 at 09:36:59AM +, David Woodhouse wrote:
> On Tue, 2017-01-31 at 10:24 +0100, Jan Kurik wrote:
> > = System Wide Change: Kerberos KCM credential cache by default =
> > https://fedoraproject.org/wiki/Changes/KerberosKCMCache
> >
> > Change owner(s):
> > * Jakub Hrozek
> >
On Tue, Jan 31, 2017 at 10:57:33AM +0100, Mike Bonnet wrote:
> > == Scope ==
> > * Proposal owners:
> > SSSD developers will implement a KCM server. The krb5-libs package
> > will then switch its default from KEYRING to KCM. The libkrb5 package
> > will require the sssd-kcm subpackage and enable it
On Tue, Jan 31, 2017 at 09:55:41AM +, Tom Hughes wrote:
> On 31/01/17 09:24, Jan Kurik wrote:
>
> > With KCM, the Kerberos caches are not stored in a "passive" store, but
> > managed by a daemon. In this setup, the Kerberos library (typically
> > used through an application, like for example,
On Tue, 2017-01-31 at 10:24 +0100, Jan Kurik wrote:
> = System Wide Change: Kerberos KCM credential cache by default =
> https://fedoraproject.org/wiki/Changes/KerberosKCMCache
>
> Change owner(s):
> * Jakub Hrozek
>
>
> Default to a new Kerberos credential cache type called KCM which is
> bett
On 01/31/2017 10:24 AM, Jan Kurik wrote:
= System Wide Change: Kerberos KCM credential cache by default =
https://fedoraproject.org/wiki/Changes/KerberosKCMCache
Change owner(s):
* Jakub Hrozek
Default to a new Kerberos credential cache type called KCM which is
better suited for containerized
On 31/01/17 09:24, Jan Kurik wrote:
With KCM, the Kerberos caches are not stored in a "passive" store, but
managed by a daemon. In this setup, the Kerberos library (typically
used through an application, like for example, kinit) is a "KCM
client" and the daemon is being referred to as a "KCM ser
= System Wide Change: Kerberos KCM credential cache by default =
https://fedoraproject.org/wiki/Changes/KerberosKCMCache
Change owner(s):
* Jakub Hrozek
Default to a new Kerberos credential cache type called KCM which is
better suited for containerized environments and provides a better
user ex
20 matches
Mail list logo
