[16238] in Kerberos_V5_Development
Re: Processing .k5login (another patch)
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Sep 2 11:53:18 2010
From: Greg Hudson <ghudson@mit.edu>
To: Russ Allbery <rra@stanford.edu>
In-Reply-To: <871v9dung9.fsf@windlord.stanford.edu>
Date: Thu, 02 Sep 2010 11:53:13 -0400
Message-ID: <1283442793.5992.1077.camel@ray>
Mime-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Wed, 2010-09-01 at 18:08 -0400, Russ Allbery wrote:
> Nicolas Williams <Nicolas.Williams@oracle.com> writes:
>
> > I'd rather have an option for specifying the location of the k5login
> > file, so it can be moved into a location where the user cannot control
> > it.
>
> That would be very nice.
Perhaps something like:
[libdefaults]
k5login = $HOME/.k5login # Default
k5login = /var/lib/k5login/$USER # Centrally managed
k5login = # Disable altogether
I'm not fixated on that substitution syntax, but I imagine there'd need
to be some way to substitute in the homedir and username. Python's
ConfigParser supports a %() substitution syntax, but using that seems
like it would be a mistake since it substitutes variables within the
same section.
I can't promise to implement this for 1.9, but I can write it up as an
early project and perhaps do it on the margin later.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
