Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Brian J. Murrell
I am trying to debug why having KRB5_KTNAME set in the environment of a process is not actually making that process use that keytab file but instead is using the default /etc/krb5.keytab. The process is Postfix's SMTP daemon (smtpd). I have confirmed that the method of setting the environment var

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Ken Hornstein via Kerberos
>I am trying to debug why having KRB5_KTNAME set in the environment of a >process is not actually making that process use that keytab file but >instead is using the default /etc/krb5.keytab. > >The process is Postfix's SMTP daemon (smtpd). >[...] >Any thoughts/ideas? Is it possible Postfix is clea

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Brian J. Murrell
On Thu, 2022-01-27 at 13:03 -0500, Ken Hornstein wrote: > > > Is it possible Postfix is clearing out the environment at startup? As anything, I suppose it is possible. It would be doing so in violation of exactly the purpose of the mechanism that is being used to set the environment though. Me

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Greg Hudson
On 1/27/22 12:01 PM, Brian J. Murrell wrote: > I am trying to debug why having KRB5_KTNAME set in the environment of a > process is not actually making that process use that keytab file but > instead is using the default /etc/krb5.keytab. There are three possible reasons why environment variables

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Ken Hornstein via Kerberos
>> Is it possible Postfix is clearing out the environment at startup? > >As anything, I suppose it is possible. It would be doing so in >violation of exactly the purpose of the mechanism that is being used to >set the environment though. Hm. From postconf(5): import_environment (default: see po

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Brian J. Murrell
On Thu, 2022-01-27 at 13:45 -0500, Ken Hornstein wrote: > > > > import_environment (default: see postconf -d output) > Is that what you're using? Yes. That is the "for-purpose" mechanism that I alluded to earlier which is why I posited that if smtpd was clearing the environment it was doing so

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Jochen Kellner
Greg Hudson writes: > Of course, the program itself can provide configuration for the keytab > file. I couldn't find any gss_ or krb5_ calls in the Postfix source > code (looking at Viktor Dukhovni's git mirror), so I don't have any > immediate insight as to whether that's currently possible or

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Ken Hornstein via Kerberos
>Yes. That is the "for-purpose" mechanism that I alluded to earlier >which is why I posited that if smtpd was clearing the environment it >was doing so in violation of the specific mechanism that was supposed >to make this all work. Oh, hm. I might be reading the code wrong, but it looks like th

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Brian J. Murrell
On Thu, 2022-01-27 at 20:31 +0100, Jochen Kellner wrote: > > I once configured postfix to use sasl: > > main.cf:83:smtpd_sasl_auth_enable = yes I do have that already. > And in /etc/postfix/sasl/smtpd.conf: Hrm. I don't have this file. But I never did and this all worked prior to a few day

Re: Debugging why KRB5_KTNAME isn't working

2022-01-27 Thread Simo Sorce
On Thu, 2022-01-27 at 15:34 -0500, Brian J. Murrell wrote: > On Thu, 2022-01-27 at 20:31 +0100, Jochen Kellner wrote: > > > > I once configured postfix to use sasl: > > > > main.cf:83:smtpd_sasl_auth_enable = yes > > I do have that already. > > > And in /etc/postfix/sasl/smtpd.conf: > > Hrm.