Here's a patch implementing the more ideal behavior I mentioned; having
two directives for a root-ccname, and a user one. I'm submitting this to
PADL, but I thought I should include it here, as well.
nss_ldap-rootccname.patch
Description: Binary data
On Fri, 3 Nov 2006 21:12:38 -0500
Stephen Frost <[EMAIL PROTECTED]> wrote:
> In general I like this idea but I'm not sure about its implementation.
> It strikes me as rather excessive to attempt multiple binds in this
> way and to cause that extra load on the server. Also, it may hide
I do agree
* Andrew Deason ([EMAIL PROTECTED]) wrote:
> Suppose I want to use krb5_ccname and SASL, so I can have a host
> authenticate with its host principal from a keytab. However, I don't want
> normal users to be able to read the host principal keytab; I just want
> libnss-ldap to use their own kerberos
Package: libnss-ldap
Version: 251-5.2
Severity: normal
Tags: patch
Suppose I want to use krb5_ccname and SASL, so I can have a host
authenticate with its host principal from a keytab. However, I don't want
normal users to be able to read the host principal keytab; I just want
libnss-ldap to use t
4 matches
Mail list logo
