summaryrefslogtreecommitdiff
path: root/src/config-files
diff options
context:
space:
mode:
Diffstat (limited to 'src/config-files')
-rw-r--r--src/config-files/Makefile.in8
-rw-r--r--src/config-files/convert-config-files84
-rw-r--r--src/config-files/deps1
-rw-r--r--src/config-files/kdc.conf14
-rw-r--r--src/config-files/krb5.conf19
-rw-r--r--src/config-files/mech3
-rw-r--r--src/config-files/services.append12
7 files changed, 141 insertions, 0 deletions
diff --git a/src/config-files/Makefile.in b/src/config-files/Makefile.in
new file mode 100644
index 000000000000..0f2a0b2c7d24
--- /dev/null
+++ b/src/config-files/Makefile.in
@@ -0,0 +1,8 @@
+mydir=config-files
+BUILDTOP=$(REL)..
+all:
+
+install:
+ $(INSTALL_DATA) $(srcdir)/kdc.conf ${DESTDIR}$(EXAMPLEDIR)/kdc.conf
+ $(INSTALL_DATA) $(srcdir)/krb5.conf ${DESTDIR}$(EXAMPLEDIR)/krb5.conf
+ $(INSTALL_DATA) $(srcdir)/services.append ${DESTDIR}$(EXAMPLEDIR)/services.append
diff --git a/src/config-files/convert-config-files b/src/config-files/convert-config-files
new file mode 100644
index 000000000000..53ddefff1152
--- /dev/null
+++ b/src/config-files/convert-config-files
@@ -0,0 +1,84 @@
+#!/usr/bin/perl
+#
+# This program converts the old-style krb.conf and krb.realms files into the
+# new-format krb5.conf file. It takes two arguments; the first is the krb.conf
+# file, and the second is the krb.realms file. The krb5.conf file is output
+# to stdout.
+#
+# Written by Theodore Ts'o, 4/25/95
+#
+
+if ($#ARGV >= 0) {
+ $krb_conf_file = $ARGV[0];
+} else {
+ $krb_conf_file = "/etc/krb.conf";
+}
+
+if ($#ARGV >= 1) {
+ $krb_realms_file = $ARGV[1];
+} else {
+ $krb_realms_file = "/etc/krb.realms";
+}
+
+open(FILE, "<$krb_conf_file") || die "Couldn't open the krb.conf file\n";
+
+$_ = <FILE>;
+strip;
+$default_realm = $_;
+
+while(<FILE>) {
+ strip;
+ ($realm, $host, $admin) = split;
+ if (!defined($realmpt{$realm})) {
+ $realmpt{$realm} = 1;
+ }
+ $realmkdc{$realm . "##" . $realmpt{$realm}} = $host;
+ $realmpt{$realm}++;
+ if ($admin eq "admin") {
+ $realmadmin{$realm} = $host;
+ }
+}
+
+close(FILE);
+
+open(FILE, "<$krb_realms_file") || die "Couldn't open krb.realms file";
+
+while (<FILE>) {
+ strip;
+ ($domain, $realm) = split;
+ $domain =~ s/\.$//;
+ $domain =~ tr/[A-Z]/[a-z]/;
+ $dom_realm{$domain} = $realm;
+ if ($domain =~ /^\./) {
+ $domain =~ s/^\.//;
+ $def_realm{$realm} = $domain;
+ }
+}
+
+print "[libdefaults]\n\tdefault_realm = $default_realm\n";
+
+print "[realms]\n";
+
+foreach $realm (sort(keys(%realmpt))) {
+ print "\t$realm = {\n";
+ for ($i = 1; $i < $realmpt{$realm}; $i++) {
+ printf("\t\tkdc = %s\n", $realmkdc{$realm . "##" . $i});
+
+ }
+ if (defined($realmadmin{$realm})) {
+ print "\t\tadmin_server = $realmadmin{$realm}\n";
+ }
+ if (defined($def_realm{$realm})) {
+ print "\t\tdefault_domain = $def_realm{$realm}\n";
+ }
+ print "\t}\n";
+}
+
+print "\n[domain_realm]\n";
+
+foreach $domain (keys(%dom_realm)) {
+ print "\t$domain = $dom_realm{$domain}\n";
+}
+
+
+
diff --git a/src/config-files/deps b/src/config-files/deps
new file mode 100644
index 000000000000..2feac3c9d388
--- /dev/null
+++ b/src/config-files/deps
@@ -0,0 +1 @@
+# No dependencies here.
diff --git a/src/config-files/kdc.conf b/src/config-files/kdc.conf
new file mode 100644
index 000000000000..bc5076d53a28
--- /dev/null
+++ b/src/config-files/kdc.conf
@@ -0,0 +1,14 @@
+[kdcdefaults]
+ kdc_listen = 88
+ kdc_tcp_listen = 88
+
+[realms]
+ ATHENA.MIT.EDU = {
+ database_name = /usr/local/var/krb5kdc/principal
+ acl_file = /usr/local/var/krb5kdc/kadm5.acl
+ key_stash_file = /usr/local/var/krb5kdc/.k5.ATHENA.MIT.EDU
+ kdc_listen = 88
+ kdc_tcp_listen = 88
+ max_life = 10h 0m 0s
+ max_renewable_life = 7d 0h 0m 0s
+ }
diff --git a/src/config-files/krb5.conf b/src/config-files/krb5.conf
new file mode 100644
index 000000000000..9d250bfa9e28
--- /dev/null
+++ b/src/config-files/krb5.conf
@@ -0,0 +1,19 @@
+[libdefaults]
+ default_realm = ATHENA.MIT.EDU
+
+[realms]
+# use "kdc = ..." if realm admins haven't put SRV records into DNS
+ ATHENA.MIT.EDU = {
+ admin_server = kerberos.mit.edu
+ }
+ ANDREW.CMU.EDU = {
+ admin_server = kdc-01.andrew.cmu.edu
+ }
+
+[domain_realm]
+ mit.edu = ATHENA.MIT.EDU
+ csail.mit.edu = CSAIL.MIT.EDU
+ .ucsc.edu = CATS.UCSC.EDU
+
+[logging]
+# kdc = CONSOLE
diff --git a/src/config-files/mech b/src/config-files/mech
new file mode 100644
index 000000000000..15c9fcd0b4d3
--- /dev/null
+++ b/src/config-files/mech
@@ -0,0 +1,3 @@
+#kerberos_v5 1.2.840.48018.1.2.2 mech_krb5.so
+#mskrb 1.2.840.113554.1.2.2 mech_krb5.so
+#spnego 1.3.6.1.5.5.2 mech_spnego.so
diff --git a/src/config-files/services.append b/src/config-files/services.append
new file mode 100644
index 000000000000..a32fae6d06e3
--- /dev/null
+++ b/src/config-files/services.append
@@ -0,0 +1,12 @@
+kerberos 88/udp kdc # Kerberos authentication--udp
+kerberos 88/tcp kdc # Kerberos authentication--tcp
+kerberos_master 751/udp # Kerberos authentication
+kerberos_master 751/tcp # Kerberos authentication
+kerberos-adm 749/tcp # Kerberos 5 admin/changepw
+kerberos-adm 749/udp # Kerberos 5 admin/changepw
+kpop 1109/tcp # Pop with Kerberos
+kshell 544/tcp cmd # and remote shell
+klogin 543/tcp # Kerberos authenticated rlogin
+eklogin 2105/tcp # Kerberos encrypted rlogin
+krb5_prop 754/tcp # Kerberos slave propagation
+krb524 4444/tcp # Kerberos 5 to 4 ticket xlator
generated by cgit v1.3 (git 2.53.0) at 2026-04-24 08:47:40 +0000