Hi Robbie. I ran into the case where the privileged ports are not allowed to be bindded. Do you know how I can work around this?
Thanks, YC On Fri, Jan 4, 2019 at 11:14 AM Robbie Harwood <rharw...@redhat.com> wrote: > Yegui Cai <caiye...@gmail.com> writes: > > > Hi all. > > > > This can be two threads but I have the following two questions at the > > same time. > > > > 1. Can we run KDC as a non-root user? Meaning is it required to run KDC > as > > root? > > The KDC and kadmin want several low-number ports, including 88, 749, and > possibly 754. They also need permissions set up correctly in order to > access the datastore. Modifying these permissions requires some care to > avoid circumventing any additional protections your system may already > have (e.g., Selinux). I'm not aware of other potential issues. > > > 2. Is there any official docker images for KDC? or any plan to have > > one? > > The FreeIPA project has container images for the server: > https://www.freeipa.org/page/Docker (note that this includes more than > just a KDC, though). > > I'm not aware of anyone else distributing images, but there's nothing > that stops you from setting it up in a container. > > Thanks, > --Robbie > ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
