Project

General

Profile

Actions

Bug #6978

open

smbadm join overwrites /etc/krb5/krb5.keytab

Added by Paul Henson about 6 years ago. Updated over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
cifs - CIFS server and client
Start date:
2016-05-17
Due date:
% Done:

0%

Estimated time:
Difficulty:
Bite-size
Tags:
needs-triage
Gerrit CR:

Description

When joining an Active Directory domain, the illumos smb server rather rudely overwrites an existing system keytab, destroying any existing entries. While one option might be to try and share the keytab, it seems cleaner for the smb server to store its domain keytab entries someplace else. This will be trivial to do, as the location of the smb server keytab is a simple define located in lib/smbsrv/libsmbns/common/smbns_krb.h

There are really only two questions, one generic to illumos and one distribution specific:

1. Where should the smb server specific keytab be located?

2. How should a distribution handle moving any existing keys when this update is applied to a running system?

Actions

Also available in: Atom PDF