1 config files in 39 etc 39 need updating
If the library wanted to avoid unnecessary reloading and reparsing of the configuration, it would now have to stat all the files in the includdir. MIT Kerberos, Apache, bind, Debian cron, apt, pam, ld.so, mutt, rsyslog, sane, sudo all support include directories When many threads are accepting client connections at a rate of thousands of connections per second, latency counts.
Is there really a compelling need for this complexity? For software like Samba, which uses Heimdal on otherwise all-MIT based systems, it is critical that we support as much of the MIT krb5syntax as possible, due to the shared configuration file.
What's wrong we "make" or similar to build krb5by inlining all the required fragments. This functionality has no impact on performance if you don't use it; most sites don't have thousands of connections per second.
If latency is a big problem, then there are quite a few things that could be done in the current implementation to avoid re-reading files.
If so, that's problematic because the default RHEL7/Cent OS7 krb5has this line present. We could make the config system (which is roughly like the profile API in MIT) detect config changes and re-read them (MIT's profile API does this), but we copy config items to s seems pointless, so automatically re-reading configs is a heavy-duty project.
MIT has support for an 'includedir' directive in krb5 System administrators would still be able to edit these files, just like any other.
We’ll occasionally send you account related emails. Sign in to your account For distributions, it is convenient to be able to just drop files in /etc/krb5d/. For distributions, it is convenient to be able to just drop files in /etc/krb5d/. Why would a distribution believe that some fragment of the krb5file is not in conflict with the system administrator's /etc/krb5.conf?