В Срд, 11/01/2012 в 13:44 +0700, Ivan Shmakov пишет: > >>>>> Denis Feklushkin <denis.feklush...@gmail.com> writes: > > […] > > > Libpq often used for connect to the database without human assist. > > In this case there is no opportunity to enter a password and get a > > ticket for authentication in Kerberos. > > > Please add the ability to specify in a function PQconnectdb(conninfo) > > path to the Kerberos 5 keytab file. > > Shouldn't libpq just assume whatever identity confirmed by the > prior kinit(1) invocation when using Kerberos for > authentication?
In general, ability to use a different keytab files would add some flexibility - libpq will be able to connect to the different servers in different realms at same time. (I wanted it in 2009, as far as I can remember) But if this behavior violates ideology of the Kerberos then this option is not necessary. > And, kinit(1) (as of heimdal-clients, > 1.4.0~git20100726.dfsg.1-1+b1) will accept a keytab file, like: > > $ kinit --keytab="$HOME"/.my.keytab --use-keytab \ > my/ident...@realm.example.org > > (Though I haven't actually tested the above.) > Confirmed, Heimdal's kinit with -t option works fine. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org