No, not the Paul Simon song that the Bangles sung, rather a lament on deadlines. I’ve an upcoming deadline on Friday for my real life work, so I’m guessing this kerberos stuff will not be finished this week. I hope to at least get some time to start on the stuff. As of right now, I have preliminary ebuilds for relocated heimdal and mit-krb5. Unfortunately, I have not been able to gut either of them of the com_err and ss libraries yet.
Can I have everyone give a round of applause for Sven for really really putting our documentation into shape. When he first took over the Gentoo Documentation Project, he had a pretty uphill battle, because our docs were in shabby shape. I think it was 1.4 where Ryan and I stayed up all night to fix up the install docs. Since then, Sven took over the GDP (see next link) and moved it to another level entirely — what with fixing up the content and syntax, co-ordinating the various translations, bringing in newer docs. It’s amazing what the Docs Team has done with all of the Gentoo documentation.
Just so we’re clear then, the priority of my todo list is thus:
- Gut mit-krb5 and heimdal to not install common libraries
- Double check my kerberos-config script to activate one of the kerberi
- package mask and check in ebuilds for all three (the script will be its own ebuild)
- revisit why mozilla won’t link against heimdal (or mit-krb5) in Gentoo — Ubuntu achieves this just fine.
- make the newest nfs-utils be able to compile against either of the kerberi
- look into putting shishi into portage as another optional implementation of kerberos
Now, does anyone actually use krb4 still? I’m not interested in it, because I honestly don’t see the point. Granted, I’m not nearly knowledgable enough to know why it would be useful, so I’m really curious to hear from those who do find it useful.
Cornell uses krb4 for all of its online authorization. Things like webmail, grades, course adding and dropping, etc. Unfortunately I graduated nearly a year ago, so its almost completely useless to me. And most of the web interfaces that required kerberos now have a web-based kerberos ticket retriever. And JTF, the application that does all the non-web based stuff, is a Windows-only java application (I believe there was a version for Mac OS Classic, but not OS X). And even had the above not been so, they leave no clue as to how to integrate into their kerberos from outside their specially designed frontend (which is essentially a name and password). So even if krb4 had been available and useful while I was at Cornell, I would have had no clue about how to set it up.