On Wed, 2011-02-02 at 16:13 -0700, Trever L. Adams wrote: > > #!/bin/sh > > export KRB5_KTNAME=/etc/dovecot/krb5.keytab > > exec /usr/local/libexec/dovecot/auth -k > I thought I saw a patch on the mailing list in 2007 that set KRB5_KTNAME > if auth_krb5_keytab was set in the configuration. I guess it was either > ntlm specific or was not accepted.
It does set that, but only on first GSSAPI authentication. I guess it wouldn't hurt moving it to do it always. If that script helps you, I can do this change. > Postfix (the other half of my solution -- though the version I am using > doesn't do SASL LDAP yet, but 2.9.x does) allows you, in the > configuration, to set what environment variables it should not unset and > even define new ones (an example -- import_environment = > KRB5_KTNAME=/etc/dovecot/krb5.keytab). This may be a good solution for > Dovecot specifically for things like this. Maybe.. But there haven't really been all that many uses for it.
