This untested patch might do it. It should apply cleanly to the 3.3
branch and trunk.
Jean-Louis
Trever L. Adams wrote:
For technical reasons, I have a set of hosts I must backup. They are in
different kerberos realms. The realms cannot and do not trust each other
(hopefully the technical reasons for this will be solved someday).
Can krb5keytab and krb5principal be defined in a dumptype or some other
way so that I can have them all defined in one amanda.conf? I need to
fit as many hosts on each tape as possible, so I cannot have different
dump sets (at least if I understand the documentation correctly, I am
new to amanda).
Thank you,
Trever
diff --git a/common-src/conffile.c b/common-src/conffile.c
index 7461398..11172b9 100644
--- a/common-src/conffile.c
+++ b/common-src/conffile.c
@@ -1373,6 +1373,8 @@ conf_var_t dumptype_var [] = {
{ CONF_ALLOW_SPLIT , CONFTYPE_BOOLEAN , read_bool , DUMPTYPE_ALLOW_SPLIT , NULL },
{ CONF_RECOVERY_LIMIT , CONFTYPE_HOST_LIMIT, read_host_limit, DUMPTYPE_RECOVERY_LIMIT , NULL },
{ CONF_DUMP_LIMIT , CONFTYPE_HOST_LIMIT, read_host_limit, DUMPTYPE_DUMP_LIMIT , validate_dump_limit },
+ { CONF_KRB5KEYTAB , CONFTYPE_STR , read_str , DUMPTYPE_KRB5KEYTAB , NULL },
+ { CONF_KRB5PRINCIPAL , CONFTYPE_STR , read_str , DUMPTYPE_KRB5PRINCIPAL , NULL },
{ CONF_UNKNOWN , CONFTYPE_INT , NULL , DUMPTYPE_DUMPTYPE , NULL }
};
@@ -2393,6 +2395,8 @@ init_dumptype_defaults(void)
conf_init_bool (&dpcur.value[DUMPTYPE_ALLOW_SPLIT] , 1);
conf_init_host_limit(&dpcur.value[DUMPTYPE_RECOVERY_LIMIT]);
conf_init_host_limit_server(&dpcur.value[DUMPTYPE_DUMP_LIMIT]);
+ conf_init_str (&dpcur.value[DUMPTYPE_KRB5KEYTAB] , "");
+ conf_init_str (&dpcur.value[DUMPTYPE_KRB5PRINCIPAL], "");
}
static void
diff --git a/common-src/conffile.h b/common-src/conffile.h
index b901b6f..96387b8 100644
--- a/common-src/conffile.h
+++ b/common-src/conffile.h
@@ -713,6 +713,8 @@ typedef enum {
DUMPTYPE_ALLOW_SPLIT,
DUMPTYPE_RECOVERY_LIMIT,
DUMPTYPE_DUMP_LIMIT,
+ DUMPTYPE_KRB5KEYTAB,
+ DUMPTYPE_KRB5PRINCIPAL,
DUMPTYPE_DUMPTYPE /* sentinel */
} dumptype_key;
@@ -804,6 +806,8 @@ char *dumptype_name(dumptype_t *dtyp);
#define dumptype_get_allow_split(dtyp) (val_t_to_boolean(dumptype_getconf((dtyp), DUMPTYPE_ALLOW_SPLIT)))
#define dumptype_get_recovery_limit(dtyp) (val_t_to_host_limit(dumptype_getconf((dtyp), DUMPTYPE_RECOVERY_LIMIT)))
#define dumptype_get_dump_limit(dtyp) (val_t_to_host_limit(dumptype_getconf((dtyp), DUMPTYPE_DUMP_LIMIT)))
+#define dumptype_get_krb5keytab(dtyp) (val_t_to_str(dumptype_getconf((dtyp), DUMPTYPE_KRB5KEYTAB)))
+#define dumptype_get_krb5principal(dtyp) (val_t_to_str(dumptype_getconf((dtyp), DUMPTYPE_KRB5PRINCIPAL)))
/*
* Interface parameter access
diff --git a/server-src/diskfile.c b/server-src/diskfile.c
index 71e2ef5..222a528 100644
--- a/server-src/diskfile.c
+++ b/server-src/diskfile.c
@@ -710,6 +710,8 @@ parse_diskline(
disk->comprate[1] = dumptype_get_comprate(dtype)[1];
disk->data_path = dumptype_get_data_path(dtype);
disk->dump_limit = dumptype_get_dump_limit(dtype);
+ disk->krb5principal = dumptype_get_krb5principal(dtype);
+ disk->krb5keytab = dumptype_get_krb5keytab(dtype);
/*
* Boolean parameters with no value (Appears here as value 2) defaults
diff --git a/server-src/diskfile.h b/server-src/diskfile.h
index e543f65..ffe0079 100644
--- a/server-src/diskfile.h
+++ b/server-src/diskfile.h
@@ -124,6 +124,8 @@ typedef struct disk_s {
char *application;
identlist_t pp_scriptlist;
host_limit_t *dump_limit;
+ char *krb5principal;
+ char *krb5keytab;
void *up; /* generic user pointer */
} disk_t;
diff --git a/server-src/server_util.c b/server-src/server_util.c
index 4ef6e88..ebf2e99 100644
--- a/server-src/server_util.c
+++ b/server-src/server_util.c
@@ -144,10 +144,16 @@ amhost_get_security_conf(
if(!string || !*string)
return(NULL);
- if(strcmp(string, "krb5principal")==0)
- return(getconf_str(CNF_KRB5PRINCIPAL));
- else if(strcmp(string, "krb5keytab")==0)
- return(getconf_str(CNF_KRB5KEYTAB));
+ if (strcmp(string, "krb5principal")==0) {
+ if (strlen(((am_host_t *)arg)->disks->krb5principal) > 0)
+ return ((am_host_t *)arg)->disks->krb5principal;
+ return(getconf_str(CNF_KRB5PRINCIPAL));
+ }
+ else if (strcmp(string, "krb5keytab")==0) {
+ if (strlen(((am_host_t *)arg)->disks->krb5keytab) > 0)
+ return ((am_host_t *)arg)->disks->krb5keytab;
+ return(getconf_str(CNF_KRB5KEYTAB));
+ }
if(!arg || !((am_host_t *)arg)->disks) return(NULL);
