c886643ab6
Avoids a slave reporting it is current when a full resync fails. Obtained from: https://github.com/rbasch/krb5/commit/2ef5ae0607d1c317a936e439b4be7a6f5184dc |
||
---|---|---|
.. | ||
patch-av | ||
patch-config::pre.in | ||
patch-config::shlib.conf | ||
patch-kadmin-dbutil-dump.c | ||
patch-lib-krb5-os-localaddr.c | ||
patch-lib::gssapi::krb5::import_name.c | ||
README.FreeBSD |
The MIT KRB5 port provides its own login program at ${PREFIX}/sbin/login.krb5. However, login.krb5 does not make use of the FreeBSD login.conf and login.access files that provide a means of setting up and controlling sessions under FreeBSD. To overcome this, the MIT KRB5 port uses the FreeBSD /usr/bin/login program to provide interactive login password authentication instead of the login.krb5 program provided by MIT KRB5. The FreeBSD /usr/bin/login program does not have support for Kerberos V password authentication, e.g. authentication at the console. The pam_krb5 port must be used to provide Kerberos V password authentication. For more information about pam_krb5, please see pam(8) and pam_krb5(8). If you wish to use login.krb5 that is provided by the MIT KRB5 port, the arguments "-L ${PREFIX}/sbin/login.krb5" must be specified as arguments to klogind and KRB5 telnetd, e.g. klogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -L ${PREFIX}/sbin/login.krb5 eklogin stream tcp nowait root ${PREFIX}/sbin/klogind klogind -k -c -e -L ${PREFIX}/sbin/login.krb5 telnet stream tcp nowait root ${PREFIX}/sbin/telnetd telnetd -a none -L ${PREFIX}/sbin/login.krb5 Additionally, if you wish to use the MIT KRB5 provided login.krb5 instead of the FreeBSD provided /usr/bin/login for local tty logins, "lo=${PREFIX}/sbin/login.krb5" must be specified in /etc/gettytab, e.g., default:\ :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200:\ :if=/etc/issue:\ :lo=${PREFIX}/sbin/login.krb5: It is recommended that the FreeBSD /usr/bin/login be used with the pam_krb5 port instead of the MIT KRB5 provided login.krb5.