[Freeipa-devel] [PATCH] Add kerberos mapping for clients outside the IPA domain
Alexander Bokovoy
abokovoy at redhat.com
Fri Oct 21 10:11:11 UTC 2011
On Fri, 21 Oct 2011, Martin Kosek wrote:
> On Thu, 2011-10-20 at 10:26 +0200, Lars Sjöström wrote:
> > Proposed patch for bug https://fedorahosted.org/freeipa/ticket/2006
> thank you for your investigation of the problem and the patch!
>
> I had to refactor the patch a little, your patch updated just the
> temporary krb5.conf, not the one put permanently to /etc/krb5.conf.
>
> I also moved DNS update before the certmonger is being configured.
> Otherwise certmonger may fail because the client does not have proper
> DNS record.
>
> Patch attached.
ACK. It took me a while but hostname is ensured to be FQDN by the
point we do that dangerous hostname[where is the dot+1:] operation. :)
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list