On Wed, 04 Jul 2012 18:27:38 -0400, David Walser <[email protected]> wrote:
An issue has been raised while QA testing an update for krb5 for Mageia 1 and Mageia 2 about apparently incorrect paths in init scripts: https://bugs.mageia.org/show_bug.cgi?id=6469 Would the correct thing to do be to change /var/kerberos/krb5kdc to /etc/kerberos/krb5kdc as proposed in this patch to kadmin.init?: https://bugs.mageia.org/attachment.cgi?id=2476&action=diff I also noticed a line in kprop.init that says: [ -f /var/kerberos/krb5kdc/kpropd.acl ] || exit 6 Should that be changed as well?
Yes. Ideally, only the config files should be in /etc, and the database should be in /var. In order to get the security update out quickly, the scripts should be changed to /etc, to match the current config files. I think a new bug report should be opened, requesting changing the various scripts to use something like eval $(sed 's/ //g' /etc/kerberos/krb5kdc/kdc.conf|grep ^database_name) to get the location of the database (with similar code for the other files) and have new installs put the database in /var.
Also, in krb5 in Cauldron, I similarly noticed the following... kadmin.service: ConditionPathExists=!/var/kerberos/krb5kdc/kpropd.acl kprop.service: ConditionPathExists=/var/kerberos/krb5kdc/kpropd.acl Should those be changed as well?
Yes. Regards, Dave Hodgins
