Subject: Re: kerberos in 1.5_ALPHA
To: Paul Goyette <>
From: Jason R Thorpe <>
List: current-users
Date: 07/16/2000 13:38:00
On Sun, Jul 16, 2000 at 01:00:12PM -0700, Jason R Thorpe wrote:

 > On Sun, Jul 16, 2000 at 12:02:00PM -0700, Paul Goyette wrote:
 >  > > In the Athena environment (the original user of Kerberos), Hesiod (i.e.
 >  > > "dns" in nsswitch.conf) is used for the user/group database info,
 >  > 
 >  > So, shouldn't use of Kerberos for password changing depend on presence
 >  > of DNS in the nsswitch.conf entry for password?  Currently, setting
 >  > nsswitch.conf to "files" only still doesn't disable Kerberos attempts.
 > No.  I was only pointing out that Kerberos is separate from where the
 > user information comes from.

For what it's worth, I've just committed a change to libkrb5 that
causes krb5_init_context() to return an error if there is no krb5.conf
file.  This is inline with what the MIT code did, and passwd(1) now
works as you'd expect.

        -- Jason R. Thorpe <>