Hello,
I'm thinking of implementing centralized authentication using Kerberos
on 48 servers, all Linux. I have no Active Directory. Can you please
point me out to where I should RTFM :-) maybe some of you have tips or
tutorials for me.
Cheers!
___
Cent
On Wed, 5 Oct 2011, Steve Rikli wrote:
> Why? I'll grant NIS is insecure at best for login auth, and should not
> be used for that purpose (at least not outside the lab).
>
> But for other purposes e.g. automount maps, NIS is simple and easy and
> still functional.
>
> I'll also readily agree I w
- Original Message -
| On Wed, 5 Oct 2011, Steve Rikli wrote:
|
| > Why? I'll grant NIS is insecure at best for login auth, and should
| > not
| > be used for that purpose (at least not outside the lab).
| >
| > But for other purposes e.g. automount maps, NIS is simple and easy
| > and
| >
Am 06.10.2011 10:38, schrieb Bazy:
> Hello,
>
> I'm thinking of implementing centralized authentication using Kerberos
> on 48 servers, all Linux. I have no Active Directory. Can you please
> point me out to where I should RTFM :-) maybe some of you have tips or
> tutorials for me.
>
>
> Cheers!
On Thu, 6 Oct 2011, James A. Peltier wrote:
> | The problem you get is when you compare it with LDAP.
> |
> | jh
>
> There is no comparison. NIS is *much* faster than LDAP for these purposes.
And slow (and let's put it into context here, not *that* slow) performance of
automount map resolution b
On Wednesday 05 Oct 2011 18:04:08 Alexander Farber wrote:
> My script has 2 pecularities:
>
> 1) When it gets SIGTERM or SIGINT, it writes some data into PostgreSQL
> and this takes 10-15 seconds
>
> 2) When it is started numerous times,
> then the subsequent runs
> will fail immediately, because
Take a look at FreeIPA, aka RHEL IPA which uses kerberos. Much easier to
deploy kerberos using it and client config I done via a client rpm.
David
On Oct 6, 2011, at 3:38 AM, Bazy wrote:
> Hello,
>
> I'm thinking of implementing centralized authentication using Kerberos
> on 48 servers, all
> On Oct 6, 2011, at 3:38 AM, Bazy wrote:
>>
>> I'm thinking of implementing centralized authentication using Kerberos
>> on 48 servers, all Linux. I have no Active Directory. Can you please
>> point me out to where I should RTFM :-) maybe some of you have tips or
>> tutorials for me.
Sorry, miss
On Thu, Oct 06, 2011 at 11:38:11AM +0300, Bazy wrote:
> Hello,
>
> I'm thinking of implementing centralized authentication using Kerberos
> on 48 servers, all Linux. I have no Active Directory. Can you please
> point me out to where I should RTFM :-) maybe some of you have tips or
> tutorials for
Hi.
I am trying to use Mock to rebuild a .src.rpm file I have made for PHP 5.3.8
(for Centos6)
I have managed to install deps fine with mock.
When I try to rebuild the package though I get.
(from build.log)
---
On Thu, 6 Oct 2011, Morgan Cox wrote:
> Hi.
>
> I am trying to use Mock to rebuild a .src.rpm file I have made for PHP 5.3.8
> (for Centos6)
>
> I have managed to install deps fine with mock.
>
> When I try to rebuild the package though I get.
BuildRequires are wrong, since this SRPM requires fil
There is my build of php-5.3.8 for el6:
http://yum.aclub.net/pub/linux/centos/6/umask/SRPMS/php-5.3.8-4.el6.src.rpm
You can find here BuildRequirements.
Differences with upstream php:
- subpackage for mod_php
- subpackage with php-fpm init-scripts
- suhosin patch / module
- some other modules (
Hi
Thank you for your extremely quick (and faster than support from any
company..) reply.
Sorry, can you give more detail ?
>From the look of the error the 'mock centos5' is missing these files :-
/usr/share/aclocal/ltoptions.m4
/usr/share/aclocal/ltsugar.m4
/usr/share/aclocal/ltversion.m4
/usr
Had anybody been successful in getting Pyzor to run on CentOS 6 64bit? I
have it running fine on CentOS 6 32 bit, and I 'think' I did identical
installs. But, from the command line I keep getting
Oct 6 13:36:00.659 [16065] dbg: pyzor: network tests on, attempting Pyzor
Oct 6 13:36:06.205 [1606
In article , John
Hodrien wrote:
>On Wed, 5 Oct 2011, Steve Rikli wrote:
>
>> ...
>> I'll also readily agree I wouldn't want NIS on internet-facing systems,
>> but for things like automount maps on the internal corporate LAN, is
>> it really a catastropic problem?
>
>The problem you get is when
On Thu, 6 Oct 2011, Steve Rikli wrote:
> In article , John
> Hodrien wrote:
>> On Wed, 5 Oct 2011, Steve Rikli wrote:
>>
>>> ...
>>> I'll also readily agree I wouldn't want NIS on internet-facing systems,
>>> but for things like automount maps on the internal corporate LAN, is
>>> it really a c
In article
, John
Hodrien wrote:
>...
>
>A good LDAP setup with nested groups, and GSSAPI just beats NIS over the head
>with a stick in terms of security, and once you've got a good LDAP
>infrastructure you start to discover just how many tools offer some form of
>LDAP integration. Extending t
On Thu, Oct 06, 2011 at 09:14:35PM +0100, John Hodrien wrote:
> place, I think it's hard to list *any* honest advantages over LDAP. Sorry, I
> don't consider performance to be a credible advantage, especially after
> nscd/sssd have had their way with caching results.
Then you've never seen Verita
On 10/6/2011 1:37 PM, John Hinton wrote:
> Had anybody been successful in getting Pyzor to run on CentOS 6 64bit? I
> have it running fine on CentOS 6 32 bit, and I 'think' I did identical
> installs. But, from the command line I keep getting
>
> Oct 6 13:36:00.659 [16065] dbg: pyzor: network test
On Thu, 6 Oct 2011, Stephen Harris wrote:
> On Thu, Oct 06, 2011 at 09:14:35PM +0100, John Hodrien wrote:
>> place, I think it's hard to list *any* honest advantages over LDAP. Sorry, I
>> don't consider performance to be a credible advantage, especially after
>> nscd/sssd have had their way with
On Thu, 6 Oct 2011, Steve Rikli wrote:
> So, back to my original example of automount maps (which I've long thought
> about implementing in LDAP but never pursued), how do you deal with the
> situation of needing map(s) loaded, without an active user on the system
> to authenticate the LDAP query
On Thu, Oct 06, 2011 at 10:28:58PM +0100, John Hodrien wrote:
> On Thu, 6 Oct 2011, Stephen Harris wrote:
> > Then you've never seen Veritas Cluster Services fall over 'cos of the amount
> > of time it takes to do initgroup() stuff (VCS loves to su to oracle to
> > verify the DB is up; the su takes
On Thu, 6 Oct 2011, Stephen Harris wrote:
> Which, up until a few months ago, was "no client". Solaris is crap (they
> recently rewrote their caching infrastructure to make it better); AIX
> is crap (with it's own unique solution and persistent connections).
> HPUX is crap
;)
> Oh wait... w
In article
, John
Hodrien wrote:
>On Thu, 6 Oct 2011, Steve Rikli wrote:
>
>> So, back to my original example of automount maps (which I've long thought
>> about implementing in LDAP but never pursued), how do you deal with the
>> situation of needing map(s) loaded, without an active user on th
On Thu, Oct 06, 2011 at 11:17:42PM +0100, John Hodrien wrote:
> On Thu, 6 Oct 2011, Stephen Harris wrote:
> > And once you move out of normal naming services and into custom maps then
> > your LDAP world of pain gets even worse; I'll always be able to do a
> > "ypmatch" quicker than an ldapsearch.
On Thu, 6 Oct 2011, Steve Rikli wrote:
> That's what I thought. But doesn't that "lookup" account need to have
> a published password (and likewise, hardcoded in scripts and config
> files and whatnot) in order to do the LDAP querying without end-user
> interactivity?
Yes. Either you're talking
On Thu, 6 Oct 2011, Stephen Harris wrote:
> On Thu, Oct 06, 2011 at 11:17:42PM +0100, John Hodrien wrote:
>> On Thu, 6 Oct 2011, Stephen Harris wrote:
>>> And once you move out of normal naming services and into custom maps then
>>> your LDAP world of pain gets even worse; I'll always be able to d
On Thu, Oct 06, 2011 at 11:47:21PM +0100, John Hodrien wrote:
> On Thu, 6 Oct 2011, Stephen Harris wrote:
>
> > I wouldn't do that in NIS. Why would my OS care about it?. But I would
> > do "tell me the path to the latest version of application X" 100s of times
> > per minute.
>
> Which should
In article
, John
Hodrien wrote:
>On Thu, 6 Oct 2011, Steve Rikli wrote:
>
>> That's what I thought. But doesn't that "lookup" account need to have
>> a published password (and likewise, hardcoded in scripts and config
>> files and whatnot) in order to do the LDAP querying without end-user
>>
On Thursday, October 06, 2011 08:52 PM, m.r...@5-cent.us wrote:
>> On Oct 6, 2011, at 3:38 AM, Bazy wrote:
>>>
>>> I'm thinking of implementing centralized authentication using Kerberos
>>> on 48 servers, all Linux. I have no Active Directory. Can you please
>>> point me out to where I should RTFM
On Thu, 2011-10-06 at 19:10 -0400, Stephen Harris wrote:
> On Thu, Oct 06, 2011 at 11:47:21PM +0100, John Hodrien wrote:
> > On Thu, 6 Oct 2011, Stephen Harris wrote:
> >
> > > I wouldn't do that in NIS. Why would my OS care about it?. But I would
> > > do "tell me the path to the latest version
On Wed, Oct 5, 2011 at 10:27 PM, Negative wrote:
> On Wed, Oct 5, 2011 at 3:11 PM, Negative wrote:
>
>> On Wed, Oct 5, 2011 at 3:06 PM, Negative wrote:
>>
>>> On Wed, Oct 5, 2011 at 1:00 PM, wrote:
>>>
Negative wrote:
> On Wed, Oct 5, 2011 at 11:15 AM, wrote:
> Negative wrote:
>>>
32 matches
Mail list logo
