[Freeipa-devel] [PATCH] Add kerberos mapping for clients outside the IPA domain

Alexander Bokovoy abokovoy at redhat.com
Fri Oct 21 10:11:11 UTC 2011


On Fri, 21 Oct 2011, Martin Kosek wrote:
> On Thu, 2011-10-20 at 10:26 +0200, Lars Sjöström wrote:
> > Proposed patch for bug https://fedorahosted.org/freeipa/ticket/2006
> thank you for your investigation of the problem and the patch!
> 
> I had to refactor the patch a little, your patch updated just the
> temporary krb5.conf, not the one put permanently to /etc/krb5.conf.
> 
> I also moved DNS update before the certmonger is being configured.
> Otherwise certmonger may fail because the client does not have proper
> DNS record.
> 
> Patch attached.
ACK. It took me a while but hostname is ensured to be FQDN by the 
point we do that dangerous hostname[where is the dot+1:] operation. :)

-- 
/ Alexander Bokovoy




More information about the Freeipa-devel mailing list