[Freeipa-devel] [PATCH] Add kerberos mapping for clients outside the IPA domain

Martin Kosek mkosek at redhat.com
Fri Oct 21 12:58:48 UTC 2011


Hello Lars,

that's the plan.

I pushed the patch to master, ipa-2-1 and set up flags for the BZ so
that we can get it to Snapshot 4.

Martin

On Fri, 2011-10-21 at 13:57 +0200, Lars Sjöström wrote:
> Excellent! Thanks guys! Still a chance that this can be backported
> into rhel6.2 release?
> 
> Best regards,
> Lars
> 
> 2011/10/21 Alexander Bokovoy <abokovoy at redhat.com>:
> > On Fri, 21 Oct 2011, Martin Kosek wrote:
> >> On Thu, 2011-10-20 at 10:26 +0200, Lars Sjöström wrote:
> >> > Proposed patch for bug https://fedorahosted.org/freeipa/ticket/2006
> >> thank you for your investigation of the problem and the patch!
> >>
> >> I had to refactor the patch a little, your patch updated just the
> >> temporary krb5.conf, not the one put permanently to /etc/krb5.conf.
> >>
> >> I also moved DNS update before the certmonger is being configured.
> >> Otherwise certmonger may fail because the client does not have proper
> >> DNS record.
> >>
> >> Patch attached.
> > ACK. It took me a while but hostname is ensured to be FQDN by the
> > point we do that dangerous hostname[where is the dot+1:] operation. :)
> >
> > --
> > / Alexander Bokovoy
> >
> 
> 
> 





More information about the Freeipa-devel mailing list