tech-userlevel: Re: kdc rc.d startup [was: rc.d: time synchronization issues ...]

Subject: Re: kdc rc.d startup [was: rc.d: time synchronization issues ...]
To: Jason Thorpe <thorpej@shagadelic.org>
From: Luke Mewburn <lukem@NetBSD.org>
List: tech-userlevel
Date: 03/18/2005 15:57:11

--1MCZUn4MZNv/LeVo
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Mar 16, 2005 at 08:30:34AM -0800, Jason Thorpe wrote:
  | kdc provides authentication, potentially for many other services (which=
=20
  | may or may not know they actually need Kerberos [c.f. PAM], so can't=20
  | really have an explicit dependency).  It is my opinion that "kdc"=20
  | should start as early as possible, and have a "BEFORE: ...", probably=
=20
  | SERVERS at this stage.

PAM using services generally require LOGIN.
(What are the exceptions to this?)

What specific services (that start before LOGIN) need
kdc running before they start?
AFAICT, only racoon.

--1MCZUn4MZNv/LeVo
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iD8DBQFCOl+npBhtmn8zJHIRAp/UAJ9CJrwAKKtQRQFXunsZdt7BuEw/JwCgszr9
wJFXRmVKJXjnEYmdMOvZ/OU=
=f2z3
-----END PGP SIGNATURE-----

--1MCZUn4MZNv/LeVo--