Ticket #1592 (new enhancement)

Opened 3 years ago

Last modified 3 years ago

Integrate with the new sssd KCM

Reported by: slz Owned by:
Priority: normal Milestone: The Distant Future
Component: -- Keywords:
Cc: Fixed in version:
Upstream bug:

Description (last modified by slz) (diff)

In Fedora 27, Kerberos now defaults to using sssd's new KCM as its default credentials cache. See the Fedora wiki page:  https://fedoraproject.org/wiki/Changes/KerberosKCMCache
as well as the sssd documentation for the KCM implentation:
 https://docs.pagure.org/SSSD.sssd/design_pages/kcm.html

If this feature of sssd lands in Ubuntu, we should have a config package that can be installed to switch the default krb5 cache to the sssd KCM. This brings a feature (userspace active management of Kerberos tickets cache, with possible namespace isolation) that has long existed on macOS to Debathena.

Change History

comment:1 Changed 3 years ago by slz

  • Description modified (diff)

comment:2 Changed 3 years ago by slz

  • Description modified (diff)
Note: See TracTickets for help on using tickets.