[16608] in Kerberos-V5-bugs
[krbdev.mit.edu #8945] krb5kdc: the 32 realms limit
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Mon Sep 7 10:37:39 2020
From: "=?UTF-8?B?w5DClMOQwrjDkMK7w5HCj8OQwr0gw5DCn8OQwrDDkMK7w5DCsMORwoPDkMK3?=
=?UTF-8?B?w5DCvsOQwrI=?= via RT" <rt-comment@krbdev.mit.edu>
In-Reply-To: <257897be7b144984156afad04905b658a190dcdd.camel@aegee.org>
Message-ID: <rt-4.4.4-14491-1599489434-1318.8945-4-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8945":;
Date: Mon, 07 Sep 2020 10:37:14 -0400
MIME-Version: 1.0
Reply-To: rt-comment@krbdev.mit.edu
Content-Type: text/plain; charset="utf-8"
Errors-To: krb5-bugs-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Mon Sep 07 10:37:14 2020: Request 8945 was acted upon.
Transaction: Ticket created by dilyan.palauzov@aegee.org
Queue: krb5
Subject: krb5kdc: the 32 realms limit
Owner: Nobody
Requestors: dilyan.palauzov@aegee.org
Status: new
Ticket <URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8945 >
Hello,
https://web.mit.edu/kerberos/krb5-1.18/doc/admin/admin_commands/krb5kdc.html says:
OPTIONS
The -r realm option specifies the realm for which the server should
provide service. This option may be specified multiple times to serve
multiple realms. If no -r option is given, the default realm (as
specified in krb5.conf) will be served.
EXAMPLE
The KDC may service requests for multiple realms (maximum 32 realms).
The realms are listed on the command line. Per-realm options that can
be specified on the command line pertain for each realm that follows it
and are superseded by subsequent definitions of the same option.
---------------------------
• If krb5.conf defines 62 realms, can I run two instances of krb5kdc,
each with 31 -r parameters, to cover all realms? The answer shall be
evident from the documentation.
• Please extend krb5kdc, so that a single instance can handle unlimited
amount of realms
• Please add means to krb5kdc to serve all configured realms in
kdc.conf, without the need to create -r for each realm
• In the meantime, move in the documentation above the 32-limitation
from the Example section to the Options section.
Greetings
Dilyan
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
