Ignore:
Timestamp:
Jun 24, 2010, 1:10:50 AM (14 years ago)
Author:
Jessica B. Hamrick <jhamrick@…>
Branches:
master, debian, mac, no-cups, nodebathena, web
Children:
eadacf9
Parents:
83733c9
git-author:
Edward Z. Yang <edwardzyang@…> (03/09/09 19:19:22)
git-committer:
Jessica B. Hamrick <jhamrick@…> (06/24/10 01:10:50)
Message:

Add instructions for keytabs.

Signed-off-by: Edward Z. Yang <edwardzyang@…>

File:
1 edited

Legend:

Unmodified
Added
Removed
  • gutenbach/debian/lib/README

    r331684f r3b5bfeb  
    123123  :sd=/var/spool/lpd/printername
    124124  :ml=0:mx=0:sh:sf
    125   :auth_forward=kerberos5
    126   :use_auth=kerberos5
    127125  :create_files
    128126
     
    276274
    277275
    278 X. Setting up remctl commands
     27611. Setting up keytabs on the machine
     277-------------------------------------
     278
     279Email accounts@mit.edu and ask them for two keytabs: one for your machine,
     280and one for "daemon" at your machine.  When you get the keytab, reset their
     281passwords by running:
     282
     283    k5srvutil change -f your.keytab
     284    k5srvutil delold -f your.keytab
     285
     286Now, install the machine-wide keytab in /etc/krb5.keytab, and install the
     287daemon keytab as /etc/daemon.keytab.  (The first filename is required; the
     288second can be changed.)
     289
     290Finally, edit /etc/printcap and give it information about the Kerberos:
     291
     292sipbmp3: server
     293    :cm=SIPB MP3 Spooler
     294    ...
     295    :auth_forward=kerberos5
     296    :use_auth=kerberos5
     297    :kerberos_id=daemon/your-machine-name.mit.edu@ATHENA.MIT.EDU
     298    :kerberos_keytab=/etc/daemon.keytab
     299
     300
     30112. Setting up remctl commands
    279302-----------------------------
    280303
    281304It's useful to be able to control the volume. Remctl is the way to do
    282 this without asking people to ssh in, and then alsamix(er). XXX: These
    283 batch scripts and remctl files are not yet public.
     305this without asking people to ssh in, and then alsamix(er). The important
     306remctl scripts come with a sipbmp3 checkout, but you must add symlinks
     307to it from /usr/local/bin and/or do another checkout in sipbmp3.
     308
     309You will probably need to apt-get install remctl-server. Then, replace
     310the /etc/remctl/conf.d directory with a Git checkout of
     311/afs/sipb/project/sipbmp3/sipbmp3-remctl.git.
     312
     313Please note that remctl will NOT work without a keytab setup.
     314
     315XXX: The fact that these *have* to be in /usr/local/bin is not very...
     316nice.  We should fix this.
    284317
    285318
Note: See TracChangeset for help on using the changeset viewer.