[CalendarServer-dev] [CalendarServer] #314: Custom keytab file location for Kerberos
CalendarServer
trac at macosforge.org
Wed Feb 11 10:56:57 PST 2009
#314: Custom keytab file location for Kerberos
-------------------------------+--------------------------------------------
Reporter: rahul@… | Owner: wsanchez@…
Type: Enhancement | Status: new
Priority: 4: Nice to have | Milestone: Later
Component: Calendar Server | Severity: Other
Keywords: |
-------------------------------+--------------------------------------------
Comment(by arthurp@…):
Replying to [comment:1 wsanchez@…]:
> I think we just find the keytab via the underlying Kerberos library.
Right, but the underlying Kerberos library expects to obtain any non-
default keytab locations from the environment variable KRB5_KTNAME, which
is being filtered out by twisted. (see
[http://twistedmatrix.com/trac/wiki/FrequentlyAskedQuestions#WhydontmyspawnProcessprogramsseemyenvironmentvariables
twisted FAQ]) For implementing this, I've chosen to patch through the
environment variable as is already being done for PYTHONPATH (rather than
dealing with adding configuration file items).
The attached patch has been tested on Debian Lenny, against Debian's
pykerberos 1.0+svn2455-1. From what I can see, the changes between that
and pykerberos 1.1 stay far away from keytab handling.
Note that setting KRB5_KTNAME to '' results in no keytab file ever being
found, thus the mildly awkward syntax.
--
Ticket URL: <http://trac.calendarserver.org/ticket/314#comment:2>
CalendarServer </>
HTTP/WebDAV/CalDAV Server
More information about the calendarserver-dev
mailing list