[29179] in Kerberos
Re: Heimdal krb5.conf sections
daemon@ATHENA.MIT.EDU (Victor Sudakov)
Wed Jan 30 22:45:22 2008
From: Victor Sudakov <vas@mpeks.no-spam-here.tomsk.su>
Date: Thu, 31 Jan 2008 03:21:10 +0000 (UTC)
Message-ID: <fnrer6$2ko0$1@relay.tomsk.ru>
X-Complaints-To: noc@sibptus.tomsk.ru
X-Comment-To: Russ Allbery <rra@stanford.edu>
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Russ Allbery wrote:
> > According to the man page, some options such as ticket_lifetime,
> > renew_lifetime etc can be used both in the [appdefaults] and
> > [libdefaults] sections. What is the difference between the usages?
> At least with MIT, [libdefaults] affects the library default and will
> affect any application that uses Kerberos. [appdefaults] will only affect
> applications that explicitly read krb5.conf and look for appdefaults
> settings. I would *assume* that Heimdal is the same.
Which is preferable for setting kinit options?
In fact, I have tried setting "forwardable = yes" in both the sections,
however after "kinit -R" the ticket ceases to be forwardable. I have
to say ""kinit -Rf" explicitly all the time. What gives?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49@fidonet http://vas.tomsk.ru/
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
