[OpenAFS-devel] configuration files for servers

Jeffrey Altman jaltman@secure-endpoints.com
Thu, 11 Jun 2009 01:15:04 -0400


Marcus Watts wrote:
> Simon Wilkinson just asked for "configuration files for servers"
> at the best practices workshop.
> 
> I also talked briefly with Simon about this the night before last.
> 
> As it happens, the k5ssl code can parse krb5.conf files today.
> This may not be exactly the file format that people would like,
> but it may be "close enough".
> 
> In any of the rxk5 branches, look at
> 	src/k5ssl/k5s_cf.c
> 
> There isn't anything that writes these files back out.
> I'm not convinced this is a good idea, but if people
> really want that - it is possible.  I think I
> have a test program that does this, but I don't seem
> to have bothered to save it with k5ssl.  It is
> trivial to walk the in-core configuration file contents,
> and to write it out in whatever format. 
> 	src/k5ssl/t_cf.c
> 		is sample code to do just that.
> 
> 				-Marcus

The Heimdal implementation is BSD licensed and can be utilized by
OpenAFS.  I would rather not have a third implementation that needs
to be supported.  There are too many undocumented *features* in the
krb5 profile format.

However, given the discussion that has taken place recently on
this list I believe that the krb5 profile format is the one we
should go forward with.

Jeffrey Altman