systematic Kerberization
Havoc Pennington
hp at redhat.com
Tue May 11 13:24:34 UTC 2004
On Tue, 2004-05-11 at 00:37, Jeremy Katz wrote:
> > For me, though, the biggest problem is the generic pam / glibc / moon phase
> > / whatever interaction where RH and Fedora systems blow up badly, failing to
> > degrade back to existing local accounts, if a distributed information /
> > authentication (LDAP, krb, NIS) is down.... Any enterprise that's going
> > Kerberos, IMHO, can mostly work around the rest simply by pushing out more
> > functional software than what RH ships, but that one can be kinda a pain to
> > work around....
>
> Yeah, I'm not quite sure what's going on here. At the same time, it's
> definitely not an unsolvable problem. And since this is Havoc's
> wishlist thread, we should make sure that fixing this ends up in
> there ;)
This isn't the first strong customer request for disconnected operation.
I have no idea what's involved though (it seems like there would be some
tricky security issues?). I could ask Nalin, but public lists beat
hallway conversations. ;-)
Havoc
More information about the fedora-devel-list
mailing list