PR#170: Adding centos alias for FEDORAPROJECT.ORG REALM for *centos.org auth passthrough - fedora-packager

fedora-packager

#170 Adding centos alias for FEDORAPROJECT.ORG REALM for *centos.org auth passthrough

Merged 2 years ago by humaton. Opened 2 years ago by arrfab.

arrfab/fedora-packager centos-alias into main

bumped .spec

Fabian Arrotin • 2 years ago

8155334

Adding centos alias for FEDORAPROJECT.ORG REALM for *centos.org auth passthrough

Fabian Arrotin • 2 years ago

713e81d

fedora-packager.spec

file modified

+4 -1

		`@@ -4,7 +4,7 @@`

		`Name: fedora-packager`
		`Version: 0.6.0.5`
		`- Release: 1%{?dist}`
		`+ Release: 2%{?dist}`
		`Summary: Tools for setting up a fedora maintainer environment`

		`License: GPLv2+`
		`@@ -83,6 +83,9 @@`
		`%{_sbindir}/*`

		`%changelog`
		`+ * Fri May 07 2021 Fabian Arrotin <arrfab@centos.org> - 0.6.0.5-2`
		`+ - minor change to have centos.org alias for kerberos auth to work client side`
		`+`
		`* Mon Mar 22 2021 Mohan Boddu <mboddu@bhujji.com> - 0.6.0.5-1`
		`- Update README - fix typo (cheese)`
		`- Add pkgname helper (churchyard)`

krb-configs/fedoraproject_org

file modified

		`@@ -6,3 +6,6 @@`
		`[domain_realm]`
		`.fedoraproject.org = FEDORAPROJECT.ORG`
		`fedoraproject.org = FEDORAPROJECT.ORG`
		`+ .centos.org = FEDORAPROJECT.ORG`
		`+ centos.org = FEDORAPROJECT.ORG`
		`+`

arrfab commented 2 years ago

This is to complete https://pagure.io/centos-infra/issue/305 (done at server side).
This just allows client to know that for id.centos.org, gssapi transactions would work with existing kerberos ticket.
At the centos side, there is already a dns record :

dig +short txt _kerberos.centos.org
"FEDORAPROJECT.ORG"

But default krb5.conf shipped in fedora/rhel/centos doesn't use dns lookup :

grep lookup /etc/krb5.conf
 dns_lookup_realm = false

This simple commit would at least resolve this the same way it was done for fedoraproject.org

Signed-off-by: Fabian Arrotin arrfab@centos.org

cheimes commented 2 years ago

LGTM, thanks Fabian!

1 new commit added

bumped .spec

2 years ago

sgallagh commented 2 years ago

LGTM as well

rharwood commented 2 years ago

LGTM from krb5

Pull-Request has been merged by humaton

2 years ago

Metadata

Assignee

None

Tags

No Tags

Changes Summary 2

krb-configs/fedoraproject_org

fedora-packager

Source Code

Documentation

#170 Adding centos alias for FEDORAPROJECT.ORG REALM for *centos.org auth passthrough Merged 2 years ago by humaton. Opened 2 years ago by arrfab. arrfab/fedora-packager centos-alias into main

Metadata

Changes Summary 2

#170 Adding centos alias for FEDORAPROJECT.ORG REALM for *centos.org auth passthrough

Merged 2 years ago by humaton. Opened 2 years ago by arrfab.

arrfab/fedora-packager centos-alias into main