On Wed, Jul 02, 2008 at 01:18:46PM -0400, Kevin Coffman wrote:
> Thanks, but I'm already cleaning it up. I'll re-post for you look at
> before sending up to Steve.
OK, thanks
> > Also, if interested, I have a patch to set the default preferred realm
> > from the kerberos configuration.
>
> I think that would be a nice thing to add to this.
attached.
--
Lukáš Hejtmánek
Set default kerberos realm as preferred realm by default.
Signed-off-by: Lukas Hejtmanek <xhejtman@xxxxxxxxxxx>
diff --git a/utils/gssd/gssd.c b/utils/gssd/gssd.c
index c7f9bdd..3c8c24b 100644
--- a/utils/gssd/gssd.c
+++ b/utils/gssd/gssd.c
@@ -148,6 +148,9 @@ main(int argc, char *argv[])
}
}
+ if(!preferred_realm)
+ preferred_realm = gssd_k5_get_default_realm();
+
i = 0;
ccachesearch[i++] = strtok(ccachedir, ":");
do {
diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
index 4915293..16d155a 100644
--- a/utils/gssd/krb5_util.c
+++ b/utils/gssd/krb5_util.c
@@ -1234,3 +1234,26 @@ gssd_k5_err_msg(krb5_context context, krb5_error_code code)
return error_message(code);
#endif
}
+
+/*
+ * Routine that returns default kerberos realm
+ */
+
+const char*
+gssd_k5_get_default_realm()
+{
+ krb5_context context;
+ char *realm;
+
+ if(krb5_init_context(&context)) {
+ return NULL;
+ }
+
+ if(krb5_get_default_realm(context, &realm)) {
+ krb5_free_context(context);
+ return NULL;
+ }
+
+ krb5_free_context(context);
+ return realm;
+}
diff --git a/utils/gssd/krb5_util.h b/utils/gssd/krb5_util.h
index addae1c..a4cccac 100644
--- a/utils/gssd/krb5_util.h
+++ b/utils/gssd/krb5_util.h
@@ -17,6 +17,7 @@ struct gssd_k5_kt_princ {
};
+const char* gssd_k5_get_default_realm(void);
int gssd_setup_krb5_user_gss_ccache(uid_t uid, char *servername,
char *dirname);
int gssd_get_krb5_machine_cred_list(char ***list);
