A new option krb5_use_kdcinfo

https://fedorahosted.org/sssd/ticket/1883 The patch introduces a new Kerberos provider option called krb5_use_kdcinfo. The option is true by default in all providers. When set to false, the SSSD will not create krb5 info files that the locator plugin consumes and the user would have to set up the Kerberos options manually in krb5.conf
author: Jakub Hrozek <jhrozek@redhat.com> 2013-06-07 11:28:35 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-06-10 21:03:01 +0200
commit: 14452cd066b51e32ca0ebad6c45ae909a1debe57 (patch)
tree: 5c89a40d71008b0b2853b831d937a995e4a424ef /src/config
parent: 7b5e7e539ae9312ab55d75aa94feaad549b2a708 (diff)
download: sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.gz
sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.bz2
sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.zip
6 files changed, 11 insertions, 3 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index b6e722fc..4d7629e1 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -165,6 +165,7 @@ option_strings = {
     'krb5_backup_server' : _('Kerberos backup server address'),
     'krb5_realm' : _('Kerberos realm'),
     'krb5_auth_timeout' : _('Authentication timeout'),
+    'krb5_use_kdcinfo' : _('Whether to create kdcinfo files'),
 
     # [provider/krb5/auth]
     'krb5_ccachedir' : _('Directory to store credential caches'),
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index f44fac72..ca344ad4 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -614,7 +614,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
              'krb5_use_fast',
              'krb5_fast_principal',
              'krb5_canonicalize',
-             'krb5_use_enterprise_principal'])
+             'krb5_use_enterprise_principal',
+             'krb5_use_kdcinfo'])
 
         options = domain.list_options()
 
@@ -773,7 +774,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
             'krb5_use_fast',
             'krb5_fast_principal',
             'krb5_canonicalize',
-            'krb5_use_enterprise_principal']
+            'krb5_use_enterprise_principal',
+            'krb5_use_kdcinfo']
 
         self.assertTrue(type(options) == dict,
                         "Options should be a dictionary")
@@ -967,7 +969,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
              'krb5_use_fast',
              'krb5_fast_principal',
              'krb5_canonicalize',
-             'krb5_use_enterprise_principal'])
+             'krb5_use_enterprise_principal',
+             'krb5_use_kdcinfo'])
 
         options = domain.list_options()
 
diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf
index 3be25e8d..120c8275 100644
--- a/src/config/etc/sssd.api.d/sssd-ad.conf
+++ b/src/config/etc/sssd.api.d/sssd-ad.conf
@@ -29,6 +29,7 @@ krb5_backup_server = str, None, false
 krb5_realm = str, None, false
 krb5_auth_timeout = int, None, false
 krb5_canonicalize = bool, None, false
+krb5_use_kdcinfo = bool, None, false
 ldap_krb5_keytab = str, None, false
 ldap_krb5_init_creds = bool, None, false
 ldap_entry_usn = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index e6f1bb0a..8a7e75f2 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -35,6 +35,7 @@ krb5_server = str, None, false
 krb5_backup_server = str, None, false
 krb5_realm = str, None, false
 krb5_auth_timeout = int, None, false
+krb5_use_kdcinfo = bool, None, false
 krb5_kpasswd = str, None, false
 krb5_backup_kpasswd = str, None, false
 krb5_canonicalize = bool, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-krb5.conf b/src/config/etc/sssd.api.d/sssd-krb5.conf
index 89d16d77..e65ed01b 100644
--- a/src/config/etc/sssd.api.d/sssd-krb5.conf
+++ b/src/config/etc/sssd.api.d/sssd-krb5.conf
@@ -4,6 +4,7 @@ krb5_server = str, None, false
 krb5_backup_server = str, None, false
 krb5_realm = str, None, true
 krb5_auth_timeout = int, None, false
+krb5_use_kdcinfo = bool, None, false
 krb5_kpasswd = str, None, false
 krb5_backup_kpasswd = str, None, false
 
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 14e979da..870cf20f 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -21,6 +21,7 @@ krb5_kdcip = str, None, false
 krb5_server = str, None, false
 krb5_realm = str, None, false
 krb5_canonicalize = bool, None, false
+krb5_use_kdcinfo = bool, None, false
 ldap_krb5_keytab = str, None, false
 ldap_krb5_init_creds = bool, None, false
 ldap_entry_usn = str, None, false
author	Jakub Hrozek <jhrozek@redhat.com>	2013-06-07 11:28:35 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-06-10 21:03:01 +0200
commit	14452cd066b51e32ca0ebad6c45ae909a1debe57 (patch)
tree	5c89a40d71008b0b2853b831d937a995e4a424ef /src/config
parent	7b5e7e539ae9312ab55d75aa94feaad549b2a708 (diff)
download	sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.gz sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.bz2 sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.zip