[36934] in Kerberos
Re: specifying an alternate realm/krb5.conf configuration for
daemon@ATHENA.MIT.EDU (Tim Mooney)
Fri Apr 24 20:37:11 2015
Date: Fri, 24 Apr 2015 17:27:31 -0500 (CDT)
From: Tim Mooney <Tim.Mooney@ndsu.edu>
To: "kerberos@mit.edu" <kerberos@mit.edu>
In-Reply-To: <CAAd7auZArgt5ks8cnar91oWrmqPCDY-ON4P6GhvLvxJviswRdQ@mail.gmail.com>
Message-ID: <alpine.SOC.2.11.1504241722060.26050@dogbert.cc.ndsu.NoDak.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
In regard to: Re: specifying an alternate realm/krb5.conf configuration for...:
> 2) Set KRB5REALM=REALMB in /etc/sysconfig/krb5kdc
>
> #2 is working for me, and is maybe the correct answer to this question.
For RHEL-derived systems, that is the appropriate way to do what you're
trying to do.
Setting KRB5REALM=REALMB in /etc/sysconfig/krb5kdc causes the krb5kdc
init script to be passed the following additional arg on startup:
-r REALMB
If you look at the man page for krb5kdc, you'll see:
The -r realm option specifies the realm for which the server should
provide service; by default the realm returned by
krb5_default_local_realm(3) is used.
It's krb5_default_local_realm() that's reading krb5.conf.
Tim
--
Tim Mooney Tim.Mooney@ndsu.edu
Enterprise Computing & Infrastructure 701-231-1076 (Voice)
Room 242-J6, Quentin Burdick Building 701-231-8541 (Fax)
North Dakota State University, Fargo, ND 58105-5164
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos