add krb5.conf to resolve pam_krb5 ptest failure (#4052)
Co-authored-by: Henry Li <lihl@microsoft.com>
This commit is contained in:
Henry Li
GitHub
Родитель
c86dba7206
Коммит
dbd19e42ae
|
|
@ -0,0 +1,30 @@
|
|||
# To opt out of the system crypto-policies configuration of krb5, remove the
|
||||
# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.
|
||||
includedir /etc/krb5.conf.d/
|
||||
|
||||
[logging]
|
||||
default = FILE:/var/log/krb5libs.log
|
||||
kdc = FILE:/var/log/krb5kdc.log
|
||||
admin_server = FILE:/var/log/kadmind.log
|
||||
|
||||
[libdefaults]
|
||||
dns_lookup_realm = false
|
||||
ticket_lifetime = 24h
|
||||
renew_lifetime = 7d
|
||||
forwardable = true
|
||||
rdns = false
|
||||
pkinit_anchors = FILE:/etc/pki/tls/certs/ca-bundle.crt
|
||||
spake_preauth_groups = edwards25519
|
||||
dns_canonicalize_hostname = fallback
|
||||
qualify_shortname = ""
|
||||
# default_realm = EXAMPLE.COM
|
||||
|
||||
[realms]
|
||||
# EXAMPLE.COM = {
|
||||
# kdc = kerberos.example.com
|
||||
# admin_server = kerberos.example.com
|
||||
# }
|
||||
|
||||
[domain_realm]
|
||||
# .example.com = EXAMPLE.COM
|
||||
# example.com = EXAMPLE.COM
|
||||
|
|
@ -1,5 +1,6 @@
|
|||
{
|
||||
"Signatures": {
|
||||
"krb5-1.19.3.tar.gz": "56d04863cfddc9d9eb7af17556e043e3537d41c6e545610778676cf551b9dcd0"
|
||||
"krb5-1.19.3.tar.gz": "56d04863cfddc9d9eb7af17556e043e3537d41c6e545610778676cf551b9dcd0",
|
||||
"krb5.conf": "54ce761ea22e55923f4b10b5a8ed306f98c579217b4253163437c33eec243720"
|
||||
}
|
||||
}
|
||||
|
|
@ -4,13 +4,14 @@
|
|||
Summary: The Kerberos newtork authentication system
|
||||
Name: krb5
|
||||
Version: 1.19.3
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: MIT
|
||||
Vendor: Microsoft Corporation
|
||||
Distribution: Mariner
|
||||
Group: System Environment/Security
|
||||
URL: https://web.mit.edu/kerberos/
|
||||
Source0: https://kerberos.org/dist/%{name}/%{maj_version}/%{name}-%{version}.tar.gz
|
||||
Source1: krb5.conf
|
||||
BuildRequires: e2fsprogs-devel
|
||||
BuildRequires: openssl-devel
|
||||
Requires: e2fsprogs-libs
|
||||
|
|
@ -80,6 +81,10 @@ chmod -v 755 /bin/ksu
|
|||
|
||||
install -v -dm755 %{buildroot}/%{_docdir}/%{name}-%{version}
|
||||
|
||||
mkdir -p %{buildroot}%{_sysconfdir}
|
||||
mkdir -p %{buildroot}%{_sysconfdir}/krb5.conf.d
|
||||
install -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}
|
||||
|
||||
unset LIBRARY
|
||||
%{_fixperms} %{buildroot}/*
|
||||
|
||||
|
|
@ -94,6 +99,8 @@ make check
|
|||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%config(noreplace) %{_sysconfdir}/krb5.conf
|
||||
%dir %{_sysconfdir}/krb5.conf.d
|
||||
%license doc/copyright.rst
|
||||
%{_bindir}/*
|
||||
%{_libdir}/*.so
|
||||
|
|
@ -119,6 +126,9 @@ make check
|
|||
%{_datarootdir}/locale/*
|
||||
|
||||
%changelog
|
||||
* Wed Oct 19 2022 Henry Li <lihl@microsoft.com> - 1.19.3-2
|
||||
- Add krb5.conf and create /etc/krb5.conf.d directory
|
||||
|
||||
* Wed May 25 2022 Cameron Baird <cameronbaird@microsoft.com> - 1.19.3-1
|
||||
- Update to version 1.19.3 to address CVE-2021-37750
|
||||
|
||||
|
|
|
|||
|
|
@ -188,7 +188,7 @@ libsolv-0.7.20-1.cm2.aarch64.rpm
|
|||
libsolv-devel-0.7.20-1.cm2.aarch64.rpm
|
||||
libssh2-1.9.0-2.cm2.aarch64.rpm
|
||||
libssh2-devel-1.9.0-2.cm2.aarch64.rpm
|
||||
krb5-1.19.3-1.cm2.aarch64.rpm
|
||||
krb5-1.19.3-2.cm2.aarch64.rpm
|
||||
curl-7.84.0-1.cm2.aarch64.rpm
|
||||
curl-devel-7.84.0-1.cm2.aarch64.rpm
|
||||
curl-libs-7.84.0-1.cm2.aarch64.rpm
|
||||
|
|
|
|||
|
|
@ -188,7 +188,7 @@ libsolv-0.7.20-1.cm2.x86_64.rpm
|
|||
libsolv-devel-0.7.20-1.cm2.x86_64.rpm
|
||||
libssh2-1.9.0-2.cm2.x86_64.rpm
|
||||
libssh2-devel-1.9.0-2.cm2.x86_64.rpm
|
||||
krb5-1.19.3-1.cm2.x86_64.rpm
|
||||
krb5-1.19.3-2.cm2.x86_64.rpm
|
||||
curl-7.84.0-1.cm2.x86_64.rpm
|
||||
curl-devel-7.84.0-1.cm2.x86_64.rpm
|
||||
curl-libs-7.84.0-1.cm2.x86_64.rpm
|
||||
|
|
|
|||
|
|
@ -137,10 +137,10 @@ kernel-headers-5.15.72.1-1.cm2.noarch.rpm
|
|||
kmod-29-1.cm2.aarch64.rpm
|
||||
kmod-debuginfo-29-1.cm2.aarch64.rpm
|
||||
kmod-devel-29-1.cm2.aarch64.rpm
|
||||
krb5-1.19.3-1.cm2.aarch64.rpm
|
||||
krb5-debuginfo-1.19.3-1.cm2.aarch64.rpm
|
||||
krb5-devel-1.19.3-1.cm2.aarch64.rpm
|
||||
krb5-lang-1.19.3-1.cm2.aarch64.rpm
|
||||
krb5-1.19.3-2.cm2.aarch64.rpm
|
||||
krb5-debuginfo-1.19.3-2.cm2.aarch64.rpm
|
||||
krb5-devel-1.19.3-2.cm2.aarch64.rpm
|
||||
krb5-lang-1.19.3-2.cm2.aarch64.rpm
|
||||
libarchive-3.6.1-1.cm2.aarch64.rpm
|
||||
libarchive-debuginfo-3.6.1-1.cm2.aarch64.rpm
|
||||
libarchive-devel-3.6.1-1.cm2.aarch64.rpm
|
||||
|
|
|
|||
|
|
@ -137,10 +137,10 @@ kernel-headers-5.15.72.1-1.cm2.noarch.rpm
|
|||
kmod-29-1.cm2.x86_64.rpm
|
||||
kmod-debuginfo-29-1.cm2.x86_64.rpm
|
||||
kmod-devel-29-1.cm2.x86_64.rpm
|
||||
krb5-1.19.3-1.cm2.x86_64.rpm
|
||||
krb5-debuginfo-1.19.3-1.cm2.x86_64.rpm
|
||||
krb5-devel-1.19.3-1.cm2.x86_64.rpm
|
||||
krb5-lang-1.19.3-1.cm2.x86_64.rpm
|
||||
krb5-1.19.3-2.cm2.x86_64.rpm
|
||||
krb5-debuginfo-1.19.3-2.cm2.x86_64.rpm
|
||||
krb5-devel-1.19.3-2.cm2.x86_64.rpm
|
||||
krb5-lang-1.19.3-2.cm2.x86_64.rpm
|
||||
libarchive-3.6.1-1.cm2.x86_64.rpm
|
||||
libarchive-debuginfo-3.6.1-1.cm2.x86_64.rpm
|
||||
libarchive-devel-3.6.1-1.cm2.x86_64.rpm
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче