logo_kerberos.gif

Projects/Improve GSSAPI mechanism configuration

From K5Wiki
< Projects
Revision as of 14:15, 18 October 2013 by Simo (talk | contribs) (New page: ==Requirements and scope== The GSSAPI mechglue allows the installation of additional mechanisms, these mechanisms are currently sourced from the file /etc/gss/mech at library load time. ...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Requirements and scope

The GSSAPI mechglue allows the installation of additional mechanisms, these mechanisms are currently sourced from the file /etc/gss/mech at library load time.

In order to improve management of additional mechanism as separate packages for distributions it would be easier if ech package could drop a configuration fragment in a separate file to activate a new installed plugin instead of changing a signle configuration file.

Design

A new directory owned by the GSSAPI library is created in /etc/gss/mech.d In this directory packages can drop configuration fragments that use the exact same configuration format of the current /etc/gss/mech file.

After the main /etc/gss/mech file has been parsed, any file in this directory is opened and parsed to find additional mechanisms to load.

Retrieved from "https://k5wiki.kerberos.org/wiki?title=Projects/Improve_GSSAPI_mechanism_configuration&oldid=5236"