From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on finch.gentoo.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=DMARC_MISSING, MAILING_LIST_MULTI autolearn=unavailable autolearn_force=no version=4.0.0 Received: from bilbo.cashmeresoftware.com (p20.3c04.pm.dimcom.net [206.124.3.180]) by chiba.3jane.net (Postfix) with SMTP id B52B0AC3A8 for ; Tue, 7 May 2002 13:50:25 -0500 (CDT) Received: (qmail 16693 invoked by uid 501); 7 May 2002 18:50:18 -0000 Date: Tue, 7 May 2002 12:50:18 -0600 From: Dave Love To: gentoo-dev@gentoo.org Subject: Re: [gentoo-dev] Kerberos questions Message-ID: <20020507185018.GA13944@bilbo.cashmeresoftware.com> References: <20020507135430.GA13522@bilbo.cashmeresoftware.com> <39581.10.10.220.33.1020788025.squirrel@www.portablehole.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <39581.10.10.220.33.1020788025.squirrel@www.portablehole.net> User-Agent: Mutt/1.3.28i Sender: gentoo-dev-admin@gentoo.org Errors-To: gentoo-dev-admin@gentoo.org X-BeenThere: gentoo-dev@gentoo.org X-Mailman-Version: 2.0.6 Precedence: bulk Reply-To: gentoo-dev@gentoo.org List-Help: List-Post: List-Subscribe: , List-Id: Gentoo Linux developer list List-Unsubscribe: , List-Archive: X-Archives-Salt: 9e4843cc-36d8-4959-b087-9a64c2f605b9 X-Archives-Hash: fd790872c76ac4e522af017f6f0886f3 On Tue, May 07, 2002 at 09:13:45AM -0700, Jano Lukac wrote: > > Groovy on the kerberos stuff! Finally someone else interested in it :) > > Quick thing.. why the skey use? And isn't kerberos 4 "outdated" now, so > almost as if saying, "why bother" ? Good question. I'm personally only interested in K5, but since both are included in the portage tree, I figured I might as well deal with both at the same time. The more I get into it though, the more I realize that testing it here is going to be a major pain, so I'll probably just leave the kerberos4 stuff for someone that needs it. The skey stuff is simply to satisfy my own curiousity. > > use kerberos4 && myconf="${myconf} --enable-krb4" > > use kerberos4 || myconf="${myconf} --disable-krb4" > > use kerberos5 && myconf="${myconf} --enable-gssapi" > > use kerberos5 || myconf="${myconf} --disable-gssapi" > > > I think you might be able to shorten this to the use foo && bar || that, > but probably kills the readability and might cause a line wrap *shrug*. I saw both forms used in various ebuilds and wasn't sure if there was a standard or not, so I just opted for the more legible of the two. > BTW, with the above, I'm assuming you can have both kerberos 4 and 5 > compiled into sasl (but I think I remember you cannot). Enabling k4 and k5 in sasl works just fine here: since I don't have k4 installed, the configure script automatically disabled it. Oops. ;-) Yet another reason to leave the k4 stuff for someone who needs it. > > Am I on the right track here? It seems to work, but I want to > > make certain I'm headed in the right direction before I go much > > further. > > Looks like it. If kerberos 4 and 5 cannot coexist, then make a single > virtual depend, or just don't do the virtual depend. Good point. I think I still need the virtual depend for kerberos5 since it can come from either the heimdal or krb5 packages, but there's no reason to create 2 virtual packages for k4 and k5. So I'm down to virtual/kerberos and the USE flag 'kerberos5'. > jano Thanks for the feedback! - Dave