On Fri, 27 May 2016, Robbie Harwood wrote:
Stanislav Laznicka <slazn...@redhat.com> writes:
From 7a55f169181ab8647cd2d919f35c004b14d5bc7f Mon Sep 17 00:00:00 2001
From: Stanislav Laznicka <slazn...@redhat.com>
Date: Fri, 27 May 2016 16:12:31 +0200
Subject: [PATCH] Added krb5.conf.d/ to included dirs in krb5.conf
The include of /etc/krb5.conf.d/ is required for crypto-policies to work
properly
https://fedorahosted.org/freeipa/ticket/5912
Thank you for working on this. Is the intent on the part of FreeIPA to
keep a separate, freeipa-speicifc directory? And if so, can I suggest
that we not do that?
Which directory are you talking about? /var/lib/sss/pubconf/krb5.include.d/?
SSSD directory is used already by all FreeIPA clients for very long time
because SSSD puts several important snippets there:
- CA paths and domain_realm information based on the trust topology of FreeIPA
- localauth plugin definition for SSSD plugin
SSSD cannot write to /etc and I don't think we have to change it.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
