logo_kerberos.gif

Projects/Improve GSSAPI mechanism configuration

From K5Wiki
< Projects
Revision as of 15:44, 18 October 2013 by BenKaduk (talk | contribs) (spell 'each' correctly)

Jump to: navigation, search
This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.


This project is targeted at release 1.13.


Requirements and scope

The GSSAPI mechglue allows the installation of additional mechanisms, these mechanisms are currently sourced from the file /etc/gss/mech at library load time.

In order to improve management of additional mechanism as separate packages for distributions it would be easier if each package could drop a configuration fragment in a separate file to activate a new installed plugin instead of changing a signle configuration file.

Design

A new directory owned by the GSSAPI library is created in /etc/gss/mech.d In this directory packages can drop configuration fragments that use the exact same configuration format of the current /etc/gss/mech file.

After the main /etc/gss/mech file has been parsed, any file in this directory is opened and parsed to find additional mechanisms to load.

Retrieved from "https://k5wiki.kerberos.org/wiki?title=Projects/Improve_GSSAPI_mechanism_configuration&oldid=5238"