[1952] in Kerberos_V5_Development
Re: krb5.conf and kdc.conf pointing to each other
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Wed Nov 13 00:37:24 1996
Date: Wed, 13 Nov 1996 00:37:17 -0500
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: "Barry Jaspan" <bjaspan@MIT.EDU>
Cc: krbdev@MIT.EDU
In-Reply-To: Barry Jaspan's message of Mon, 11 Nov 1996 12:45:07 -0500,
<9611111745.AA29935@DUN-DUN-NOODLES.MIT.EDU>
Date: Mon, 11 Nov 1996 12:45:07 -0500
From: "Barry Jaspan" <bjaspan@MIT.EDU>
There have been several bug reports about the documentation suggesting
that both krb5.conf and kdc.conf can point to each other. Obviously,
this is impossible.
How is it supposed to be? Which file, if either, can have a profile
relation that specifies the location of the other file? What stanza
does the relation occur in?
As far as I can tell, neither is true any more, and we should remove
from the documentation any hint that this will work.
Having kdc.conf point to krb5.conf was attempted in the kdc sources, but
it was broken and didn't work, so I just removed all of that code.
Having the krb5.conf contain a default location for the kdc.conf file
would be nice, but it looks like it's not being done in alt_prof.c, and
it doesn't look like any of the new kadm5 utilities are looking anywhere
except the compiled in defaults.
Arguably the right way to fix this is to use first the environment
variable (if it exists), then the value in krb5.conf (if it is there),
and finally use the compiled-in default, to find the pathname for
kdc.conf. That's not what we're doing now, though.
- Ted
