[2256] in Kerberos-V5-bugs
Re: Bug fix: kdc.conf not being read
daemon@ATHENA.MIT.EDU (Jon Roma)
Mon Sep 23 10:59:31 1996
To: Sam Hartman <hartmans@MIT.EDU>
Cc: Ken Hornstein <kenh@cmf.nrl.navy.mil>, krb5-bugs@MIT.EDU, kerberos@MIT.EDU
Date: Mon, 23 Sep 1996 09:46:50 -0500
From: Jon Roma <roma@uiuc.edu>
Jon> As an aside, shouldn't the default ticket lifetime for kinit be
Jon> an option settable in the [libdefaults] section of the
Jon> krb5.conf rather than a compiled-in default of 10 hours?
Ken> The default ticket lifetime for kinit will be settable (with
Ken> hopefully many other things) in the [appdefaults] section in
Ken> the next release. (Err, that _did_ make it into the tree,
Ken> didn't it, Sam?)
Sam Hartman writes:
> This is still very much an open issue. There are several
>different design issues involved . For example, several developers
>feel fairly strongly that krb5.conf should only include library
>options.
I saw this discussion _en passant_ a few weeks ago, but I don't recall the
nature of the argument against including site-configurable parameters in
the krb5.conf file? From this consumer's point of view, it seems perfectly
appropriate -- and preferable -- that there be only one configuration file
(krb5.conf) that needs to be installed on each Kerberos host not running
a KDC. I don't see the value in requiring separate configuration files
for different functionality and suspect that to do so would tend to confuse.
Are there technical issues that make this inappropriate?
