*Testing Only* Kerberos RPMs for Scientific Linux Fermi 5.x
|
New Fermi Kerberos RPMs have been
created for Scientific Linux Fermi 5.x and are not ready for more
general testing. These RPMs are designed to enhanced the
vendor-supplied Kerberos with Fermi-specific configurations and
utilities and are subject to the following qualifiers: - aklog is not yet available that supports /cron principals
- kcron and kcron-* utilities do not work under 64-bit as yet - k5push is not yet tested at all The current RPMs are either i386 or noarch but we expect to have to produce at least one of thesein the x86_64 variety due to library issues. System administrators will first have to remove krb5-fermi-config and are advised to remove krb5-getcert and then install the new RPM krb5-fermi-baseconfig $ yum remove krb5-fermi-config krb5-getcert
$ # Assuming you have doenloaded the RPM ... $ rpm -hiv krb5-fermi-baseconfig this depends on krb5-workstation being installed. This replaces krb5-fermi-config, providing the same configuration files (newer versions in some cases) and base Fermi Kerberos setup of /usr/krb5 tree with links to the utilities in /usr/kerberos. Note that for normal utilities like kinit, rcp, etc this setup will use those from /usr/kerberos which, in some cases, have different options (like -A on kinit for addressless tickets instead of -n). How big of a problem will this be? Then they can install (any order): $ rpm -hiv krb5-fermi-addons
$ rpm -hiv krb5-fermi-getcert The addons package depends on krb5-fermi-baseconfig. The getcert package provides the KCA utilities and get-cert script now installed in the /usr/krb5 tree. The addons package provides additional Fermi Kerberos utilities such as the kcron utilities and scripts. It also supplies some libraries in /usr/krb5/lib but only the minimal needed to support the supplied executable utilities - all other uses should/will use the standard Kerberos libraties now in /usr/lib. These are setup as V1.0 Release 1. I expect to turn out new releases as I do further testing and fixes. Expect changes for the future releases include - removing libraries from /usr/lib as we can change over to using the standard Kerberos libraries
- replacing the /usr/krb5/bin/aklog symlink with and aklog script/executable which handles /cron principals (may not happen quite this way as the problem is deeper than just aklog). - kcron exeuctables were build under SLF4 but workunder SLF5, in future replace with ones built under SLF5 after working out library issues. Download the installation RPMs: Fermilab Base setup and Configuration files (krb5-fermi-baseconfig)
Fermilab Kerberos Addons for 32-bit systems (krb5-fermi-addons) Fermilab KCA certificate scripts and utilities (krb5-fermi-getcert) Download the source RPMs (optional): |
|
For assistance contact helpdesk@fnal.gov. |
