rpms/krb5/devel kdc.conf, 1.14, 1.15 krb5.spec, 1.166, 1.167 kadmind.init, 1.13, 1.14
Nalin Somabhai Dahyabhai (nalin)
fedora-extras-commits at redhat.com
Fri Apr 4 21:30:32 UTC 2008
- Previous message (by thread): rpms/vdr/devel vdr-1.6.0-fedora-pkgconfig.patch, NONE, 1.1.2.1 vdr-1.6.0-includes+pkgconfig.patch, NONE, 1.1.2.1 .cvsignore, 1.13.2.2, 1.13.2.3 sources, 1.13.2.2, 1.13.2.3 vdr-1.6.0-man-section.patch, 1.1.2.1, 1.1.2.2 vdr-CHANGES.package.old, 1.1, 1.1.2.1 vdr.spec, 1.23.2.2, 1.23.2.3
- Next message (by thread): rpms/krb5/devel krb5-1.6.3-kdc_listen_all.patch,NONE,1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: nalin
Update of /cvs/pkgs/rpms/krb5/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1767
Modified Files:
kdc.conf krb5.spec kadmind.init
Log Message:
- stop exporting kadmin keys to a keytab file when kadmind starts -- the
daemon's been able to use the database directly for a long long time now
- belatedly add aes128,aes256 to the default set of supported key types
Index: kdc.conf
===================================================================
RCS file: /cvs/pkgs/rpms/krb5/devel/kdc.conf,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- kdc.conf 26 Jul 2007 18:36:57 -0000 1.14
+++ kdc.conf 4 Apr 2008 21:29:53 -0000 1.15
@@ -5,9 +5,9 @@
[realms]
EXAMPLE.COM = {
- #master_key_type = des3-hmac-sha1
+ #master_key_type = aes256-cts
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
- supported_enctypes = des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
+ supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
}
Index: krb5.spec
===================================================================
RCS file: /cvs/pkgs/rpms/krb5/devel/krb5.spec,v
retrieving revision 1.166
retrieving revision 1.167
diff -u -r1.166 -r1.167
--- krb5.spec 1 Apr 2008 20:54:54 -0000 1.166
+++ krb5.spec 4 Apr 2008 21:29:53 -0000 1.167
@@ -16,7 +16,7 @@
Summary: The Kerberos network authentication system.
Name: krb5
Version: 1.6.3
-Release: 11%{?dist}
+Release: 12%{?dist}
# Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.6/krb5-1.6.2-signed.tar
Source0: krb5-%{version}.tar.gz
@@ -231,6 +231,11 @@
certificate.
%changelog
+* Fri Apr 4 2008 Nalin Dahyabhai <nalin at redhat.com> 1.6.3-12
+- stop exporting kadmin keys to a keytab file when kadmind starts -- the
+ daemon's been able to use the database directly for a long long time now
+- belatedly add aes128,aes256 to the default set of supported key types
+
* Tue Apr 1 2008 Nalin Dahyabhai <nalin at redhat.com> 1.6.3-11
- libgssapi_krb5: properly export the acceptor subkey when creating a lucid
context (Kevin Coffman, via the nfs4 mailing list)
Index: kadmind.init
===================================================================
RCS file: /cvs/pkgs/rpms/krb5/devel/kadmind.init,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- kadmind.init 2 Jan 2008 17:03:38 -0000 1.13
+++ kadmind.init 4 Apr 2008 21:29:53 -0000 1.14
@@ -38,15 +38,7 @@
echo $"Error. This appears to be a slave server, found kpropd.acl"
exit 6
else
- [ -x $kadmind ] || exit 5
- if [ ! -f /var/kerberos/krb5kdc/kadm5.keytab ] ; then
- echo -n $"Extracting kadm5 Service Keys: "
- # This should always work.
- /usr/kerberos/sbin/kadmin.local ${KRB5REALM:+-r $KRB5REALM} -q "ktadd -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/admin${KRB5REALM:+@$KRB5REALM} kadmin/changepw${KRB5REALM:+@$KRB5REALM}" && success || failure
- # It's probably okay if this fails.
- /usr/kerberos/sbin/kadmin.local ${KRB5REALM:+-r $KRB5REALM} -q "ktadd -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/`hostname`${KRB5REALM:+@$KRB5REALM}" 2> /dev/null && success
- echo
- fi
+ [ -x $kadmind ] || exit 5
fi
echo -n $"Starting $prog: "
daemon ${kadmind} ${KRB5REALM:+-r ${KRB5REALM}} $KADMIND_ARGS
- Previous message (by thread): rpms/vdr/devel vdr-1.6.0-fedora-pkgconfig.patch, NONE, 1.1.2.1 vdr-1.6.0-includes+pkgconfig.patch, NONE, 1.1.2.1 .cvsignore, 1.13.2.2, 1.13.2.3 sources, 1.13.2.2, 1.13.2.3 vdr-1.6.0-man-section.patch, 1.1.2.1, 1.1.2.2 vdr-CHANGES.package.old, 1.1, 1.1.2.1 vdr.spec, 1.23.2.2, 1.23.2.3
- Next message (by thread): rpms/krb5/devel krb5-1.6.3-kdc_listen_all.patch,NONE,1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list