[16228] in Kerberos_V5_Development
Re: Processing .k5login (another patch)
daemon@ATHENA.MIT.EDU (Roland C. Dowdeswell)
Wed Sep 1 18:40:19 2010
Date: Wed, 1 Sep 2010 23:40:53 +0100
From: "Roland C. Dowdeswell" <elric@imrryr.org>
To: Russ Allbery <rra@stanford.edu>
Message-ID: <20100901224053.GD20547@mournblade.imrryr.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <87sk1tt7lu.fsf@windlord.stanford.edu>
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Wed, Sep 01, 2010 at 03:35:41PM -0700, Russ Allbery wrote:
>
> "Roland C. Dowdeswell" <elric@imrryr.org> writes:
>
> > I was thinking about that. And in effect, that is what I am doing by
> > providing a BDB lookup table. With the exception that I will not have
> > to maintain 30-40 thousand files to get the functionality.
>
> Can that support the case where multiple principals are authorized to log
> on to the local account? The use case I have in mind are for things like
> the oracle account.
Yes. The BDB is a hash of principal to local name. Local name
can be the same for multiple principals.
--
Roland Dowdeswell http://Imrryr.ORG/~elric/
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
