clear_tmp_enable="YES" conflicts with 'security/kstart'
zi@FreeBSD.org
zi at freebsd.org
Thu Feb 14 22:11:10 UTC 2019
On (02/14/19 21:43), Marin Bernard wrote:
>Hi,
>
>We use security/kstart to maintain a local cache of kerberos tickets on our hosts. The tickets are stored in temporary caches files from the /tmp directory.
>
>On 2018-02-07, a PR was committed to the security/kstart port to "move k5start higher up in the service start list". This change introduced a regression when the host is also configured to clear the /tmp dir at startup (clear_tmp_enable="YES"): the /tmp directory is cleaned *after* kstart is started, thus removing any managed kerberos cache file.
>
>I do not know why the rc script was amended in the first place. Could someone give me some insight ? Clearing /tmp is a mandatory requirement for us because of the Kerberos context: is it possible to revert the rc script to its previous revision or propose anything else to fix this issue?
>
Please see the associated PR:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225732
If you would like to test the other option (Proposal 1 in the PR) and
report back to me, we can look at switching over to it.
-r
>Thanks,
>
>Marin.
--
Ryan Steinmetz
PGP: 9079 51A3 34EF 0CD4 F228 EDC6 1EF8 BA6B D028 46D7
More information about the freebsd-ports
mailing list