I've been thinking about integrating Shishi with the rest of Debian kerberos stuff. One thing is configuration, and I've looked at the krb5-config package. It seems like the shishi-common package could depend on it, to ask questions about the default realm and KDC/admin-server, and then populate /etc/shishi.conf with the values.
The only debconf question in krb5-config that isn't perfectly applicable is the admin server: there is no admin server daemon for Shishi. That is a minor issue, and if I get around to implementing the set/change-password protocol, it will be applicable. The alternative would be to implement support for reading /etc/krb5.conf in Shishi, and I've been planning to do this, see snippet from shishi.conf: # Read MIT or Heimdal configuration file for the following parameters: # default-realm # realm-kdc # server-realm # kdc-timeout # kdc-retries # You can override these values by specifying alternate values below. # Not implemented yet. #read-krb5conf=/etc/krb5.conf However, it is not implemented yet. One reason is that this seems unclean, and I'm worried the /etc/krb5.conf format will change. The format isn't really under my control. The feature will have to be documented in the Shishi manual, and ideally the krb5.conf format should be discussed too. The advantage with the krb5-config approach is that it makes Shishi cleaner. The advantage with the read-krb5conf approach is that it solves the problem generically, and will not be Debian-specific. Any thoughts on this? I'm leaning towards read-krb5conf now, but I'll decide later. /Simon _______________________________________________ Help-shishi mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-shishi
