
Kerberos

Kerberos expects to find several things on the local filesystem that must be handled:

/etc/athena/krb.conf
Kerberos needs the contents of this file to function properly. The options are to hard-code fallbacks into the programs, or have them look in another place for the configuration file. Since hard-coding configuration into program binaries is generally a bad idea, we will have the library look in several places for this file. It will use a search path of:
  1. $ATHENACONF, where this environment variable names a directory that may be on a remote filesystem.
  2. /etc/athena
  3. /etc
Note that the environment variable is searched first so that it can be used to test alternate configurations on an otherwise properly configured workstation. Also note that the environment variable will be ignored if the real and effective UIDs do not match. This avoids introducing a security hole in setuid programs.
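As an added illustration of the search-path rule and the real-versus-effective UID check described above (this is not code from the Athena Kerberos library; the names find_conf_file, krb_find_conf, env_dir_trusted and probe are assumed here):

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Directories consulted after $ATHENACONF, in the order the page gives. */
static const char *const fixed_dirs[] = { "/etc/athena", "/etc" };

/* The environment may redirect configuration lookups only when the real and
 * effective UIDs agree; in a setuid program they differ and $ATHENACONF is
 * ignored, so an unprivileged caller cannot point the library at its own files. */
int env_dir_trusted(void) {
    return getuid() == geteuid();
}

/* Build dir/name into out and report whether that file is readable. */
static int probe(const char *dir, const char *name, char *out, size_t outlen) {
    int n;
    if (dir == NULL || *dir == '\0') return 0;
    n = snprintf(out, outlen, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= outlen) return 0;
    return access(out, R_OK) == 0;
}

/* Core search. env_dir is the value of $ATHENACONF (may be NULL); it is tried
 * first, but only when env_trusted is nonzero. Returns 1 and fills out on success. */
int find_conf_file(const char *name, const char *env_dir, int env_trusted,
                   char *out, size_t outlen) {
    size_t i;
    if (env_trusted && probe(env_dir, name, out, outlen)) return 1;
    for (i = 0; i < sizeof fixed_dirs / sizeof fixed_dirs[0]; i++)
        if (probe(fixed_dirs[i], name, out, outlen)) return 1;
    if (outlen) out[0] = '\0';
    return 0;
}

/* Wrapper with the behaviour the page describes for krb.conf and krb.realms. */
int krb_find_conf(const char *name, char *out, size_t outlen) {
    return find_conf_file(name, getenv("ATHENACONF"), env_dir_trusted(), out, outlen);
}

int main(void) {
    char path[1024];
    if (krb_find_conf("krb.conf", path, sizeof path))
        printf("using %s\n", path);
    else
        printf("krb.conf not found in any search-path directory\n");
    return 0;
}
```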
/etc/athena/krb.realms
This file will be handled the same as /etc/athena/krb.conf described above.
/etc/athena/srvtab
Machines without Kerberos permanently installed have no business providing service and have no need for a srvtab file.
/etc/services
It is likely that the /etc/services file will not contain all of the necessary port numbers. The Kerberos library will be changed to first look in the local /etc/services file, then try a Hesiod lookup of the port number, and finally fall back on a compiled-in value if all else fails. As an aid in discovering that entries are missing from the real /etc/services file in permanent installations, the fallback code could syslog a warning if (and only if) the /etc/athena/krb.conf file does exist in the expected place.
/tmp/tkt*
While the ticket files will be created as needed at runtime, there is the question of cleaning them up at logout. The Athena login takes care of this, but nothing is guaranteed to do this on other systems. The best way for this to be handled is for the user's logout file to contain an invocation of kdestroy. The start_athena script could check for this, and offer to add it for the user if it is not already there.

Another consideration for Kerberos is that the vendor also may provide Kerberos. If the vendor's Kerberos is compatible with Athena, then it is just a matter of making sure that the configuration is correct. Without root privileges, if the configuration is not correct, there is nothing that the user can do. If the vendor's Kerberos is incompatible, we can have Athena's version first in all search paths, and hope that the proper one is always found.



Bruce R. Lewis
Mon May 19 16:07:01 EDT 1997