Roland C. Dowdeswell
Roland C. Dowdeswell
I think that we should consider it. We currently don't quote many characters which may spam logs with unprintables, IIRC, which is what we're trying to fix here.
I'm looking at it.
Yes, understood. What we have at the moment is inconsistency. We're trying to fix it. It appears that MIT Kerberos uses underscores exclusively from their documentation, but we use both....
We also have a lot of inconsistencies, i.e. we have "no-addresses" and MIT has "noaddresses".
I would recommend `--no-exit-code` or just nothing to make dyff a drop in replacement for diff in scripts.
Strictly speaking, in Kerberos, unless you require preauth, you can't always tell if someone has authenticated successfully. With preauth, you can tell that the AS has been used successfully, but...
For progress, please have a look at ongoing work in PR 650. https://github.com/heimdal/heimdal/pull/650
I gave this some thought quite some time ago w.r.t. NetBSD's behaviour vis a vis Kerberos. I have always felt deeply unsatisfied that the presence of `krb5.conf(5)` has been used...
NetBSD's PAM stack also should not be reaching through the layers of abstration. Assuming that `/etc/krb5.conf` has a meaning to Heimdal is not part of the promise that Heimdal makes...