Re: F27 System Wide Change: Kerberos KCM credential cache by default

Hey, On Tue, Jun 20, 2017 at 07:42:27AM +0200, Jan Kurik wrote: > = System Wide Change: Kerberos KCM credential cache by default = > https://fedoraproject.org/wiki/Changes/KerberosKCMCache > > Change owner(s): > * Jakub Hrozek > > Default to a new Kerberos credential cache type called KCM

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On 06/21/2017 02:23 AM, Jakub Hrozek wrote: On Tue, Jun 20, 2017 at 04:23:30PM -0400, Daniel Walsh wrote: On 06/20/2017 02:45 PM, Jakub Hrozek wrote: On Tue, Jun 20, 2017 at 08:55:49AM -0400, Daniel Walsh wrote: On 06/20/2017 04:21 AM, Jakub Hrozek wrote: On Tue, Jun 20, 2017 at 09:25:49AM

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Wed, 2017-06-21 at 09:33 +0200, Jakub Hrozek wrote: > On Wed, Jun 21, 2017 at 09:01:04AM +0200, Pavel Cahyna wrote: > > On Tue, Jun 20, 2017 at 08:45:48PM +0200, Jakub Hrozek wrote: > > > Well, UID of the peer accessing the socket is the access control > > > key right > > > now. Unlike

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Wed, Jun 21, 2017 at 09:33:26AM +0200, Jakub Hrozek wrote: > On Wed, Jun 21, 2017 at 09:01:04AM +0200, Pavel Cahyna wrote: > > On Tue, Jun 20, 2017 at 08:45:48PM +0200, Jakub Hrozek wrote: > > > Well, UID of the peer accessing the socket is the access control key right > > > now. Unlike

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Wed, Jun 21, 2017 at 09:01:04AM +0200, Pavel Cahyna wrote: > On Tue, Jun 20, 2017 at 08:45:48PM +0200, Jakub Hrozek wrote: > > Well, UID of the peer accessing the socket is the access control key right > > now. Unlike Heimdal's KCM, root doesn't have any special powers (with > > Heimdal's KCM,

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Tue, Jun 20, 2017 at 08:45:48PM +0200, Jakub Hrozek wrote: > Well, UID of the peer accessing the socket is the access control key right > now. Unlike Heimdal's KCM, root doesn't have any special powers (with > Heimdal's KCM, root can list any ccache, with our implementation, only > that of UID

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Wed, Jun 21, 2017 at 08:23:10AM +0200, Jakub Hrozek wrote: > On Tue, Jun 20, 2017 at 04:23:30PM -0400, Daniel Walsh wrote: > > On 06/20/2017 02:45 PM, Jakub Hrozek wrote: > > > On Tue, Jun 20, 2017 at 08:55:49AM -0400, Daniel Walsh wrote: > > > > On 06/20/2017 04:21 AM, Jakub Hrozek wrote: > >

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Tue, Jun 20, 2017 at 04:23:30PM -0400, Daniel Walsh wrote: > On 06/20/2017 02:45 PM, Jakub Hrozek wrote: > > On Tue, Jun 20, 2017 at 08:55:49AM -0400, Daniel Walsh wrote: > > > On 06/20/2017 04:21 AM, Jakub Hrozek wrote: > > > > On Tue, Jun 20, 2017 at 09:25:49AM +0200, Pavel Cahyna wrote: > >

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On 06/20/2017 02:45 PM, Jakub Hrozek wrote: On Tue, Jun 20, 2017 at 08:55:49AM -0400, Daniel Walsh wrote: On 06/20/2017 04:21 AM, Jakub Hrozek wrote: On Tue, Jun 20, 2017 at 09:25:49AM +0200, Pavel Cahyna wrote: Hi, On Tue, Jun 20, 2017 at 07:42:27AM +0200, Jan Kurik wrote: = System Wide

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Tue, Jun 20, 2017 at 08:55:49AM -0400, Daniel Walsh wrote: > On 06/20/2017 04:21 AM, Jakub Hrozek wrote: > > On Tue, Jun 20, 2017 at 09:25:49AM +0200, Pavel Cahyna wrote: > > > Hi, > > > > > > On Tue, Jun 20, 2017 at 07:42:27AM +0200, Jan Kurik wrote: > > > > = System Wide Change: Kerberos KCM

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On 06/20/2017 04:21 AM, Jakub Hrozek wrote: On Tue, Jun 20, 2017 at 09:25:49AM +0200, Pavel Cahyna wrote: Hi, On Tue, Jun 20, 2017 at 07:42:27AM +0200, Jan Kurik wrote: = System Wide Change: Kerberos KCM credential cache by default = https://fedoraproject.org/wiki/Changes/KerberosKCMCache

Re: F27 System Wide Change: Kerberos KCM credential cache by default

On Tue, Jun 20, 2017 at 09:25:49AM +0200, Pavel Cahyna wrote: > Hi, > > On Tue, Jun 20, 2017 at 07:42:27AM +0200, Jan Kurik wrote: > > = System Wide Change: Kerberos KCM credential cache by default = > > https://fedoraproject.org/wiki/Changes/KerberosKCMCache > > "The design is described in more

Re: F27 System Wide Change: Kerberos KCM credential cache by default

Hi, On Tue, Jun 20, 2017 at 07:42:27AM +0200, Jan Kurik wrote: > = System Wide Change: Kerberos KCM credential cache by default = > https://fedoraproject.org/wiki/Changes/KerberosKCMCache "The design is described in more detail on the SSSD wiki." It is not, the link redirects to a page about

F27 System Wide Change: Kerberos KCM credential cache by default

= System Wide Change: Kerberos KCM credential cache by default = https://fedoraproject.org/wiki/Changes/KerberosKCMCache Change owner(s): * Jakub Hrozek Default to a new Kerberos credential cache type called KCM which is better suited for containerized environments and provides a better user

F27 System Wide Change: Kerberos KCM credential cache by default

= System Wide Change: Kerberos KCM credential cache by default = https://fedoraproject.org/wiki/Changes/KerberosKCMCache Change owner(s): * Jakub Hrozek Default to a new Kerberos credential cache type called KCM which is better suited for containerized environments and provides a better user