[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: krb5 services override in krb5.conf?

To: Derrick J Brashear <shadow@dementia.org>
Subject: Re: krb5 services override in krb5.conf?
From: Assar Westerlund <assar@sics.se>
Date: 03 Aug 2000 03:54:01 +0200
Cc: heimdal-discuss@sics.se
In-Reply-To: Derrick J Brashear's message of "Wed, 2 Aug 2000 09:26:50 -0400 (EDT)"
References: <Pine.LNX.3.96L.1000802092133.971B-100000@VPN-100-237.CC.CMU.EDU>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.070098 (Pterodactyl Gnus v0.98) Emacs/20.6

Derrick J Brashear <shadow@dementia.org> writes:
> It would be nice if there were a way to override the use of getservbyname
> for kerberos ports in /etc/krb5.conf, maybe something like
> 
> [ports]
> 	kerberos = 88/tcp 88/udp
> 	
> etc.
> 
> Problem is we have legacy software which expects to find an entry which is
> kerberos 750/udp
> in services, and if you remove it, they simply don't work. But... our krb5
> kdc isn't listening on 750, only on 88.

I would really prefer not to.  Having krb5.conf act the same way as
/etc/services but with different syntax seems just... non-optimal.  An
according to IANA, 'kerberos 88/udp' (and tcp) is the correct
assignment.

a) What is the problem with your `legacy' software?
b) Could you make your kdc listen to 750?
c) How large a bribe are you offering?

/assar

Follow-Ups:
- Re: krb5 services override in krb5.conf?
  - From: Derrick J Brashear <shadow@dementia.org>

References:
- krb5 services override in krb5.conf?
  - From: Derrick J Brashear <shadow@dementia.org>

Prev by Date: krb5 services override in krb5.conf?
Next by Date: Re: krb5 services override in krb5.conf?
Prev by thread: krb5 services override in krb5.conf?
Next by thread: Re: krb5 services override in krb5.conf?
Index(es):
- Date
- Thread