Projects/Improve GSSAPI mechanism configuration
Requirements and scope
The GSSAPI mechglue allows the installation of additional mechanisms. These mechanisms are currently sourced from the file /etc/gss/mech at library load time.
In order to improve management of additional mechanism as separate packages for distributions, it would be easier if each package could drop a configuration fragment in a separate file to activate a new installed plugin instead of changing a single configuration file.
Design
A new directory owned by the GSSAPI library is created in /etc/gss/mech.d. In this directory, packages can drop configuration fragments that use the exact same configuration format of the current /etc/gss/mech file.
After the main /etc/gss/mech file has been parsed, any file in this directory with a name ending in ".conf" is opened and parsed to find additional mechanisms to load.
Testing
Because there is no way to change the path to /etc/gss/mech or /etc/gss/mech.d, the automated test suite cannot test this feature.
Documentation
host_config.rst and gssapi.rst will be updated to document /etc/gss/mech.d.
Release notes
Administrator experience:
- Add support for configuring GSS mechanisms using /etc/gss/mech.d/*.conf files in addition to /etc/gss/mech.