Commit 9f546cce authored by Jarek Polok's avatar Jarek Polok 💬
Browse files

cern-wrappers, cyrus-sasl-gssapi

parent b201a0a6
......@@ -34,8 +34,6 @@ part / --fstype ext3 --size=1024 --grow
# jarek 01.12.2015
#
# note : no cern-wrappers for now .. since it pulls 22MB of perl ...
%packages --nobase
bash
......@@ -44,6 +42,9 @@ CERN-CA-certs
grub
hepix
krb5-workstation
cyrus-sasl-gssapi
openldap-clients
cern-wrappers
sl-release
shadow-utils
vim-minimal
......@@ -162,3 +163,26 @@ pam = {
}
EOF
cat > /etc/openldap/ldap.conf <<EOF
#
# LDAP CERN Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE DC=cern,DC=ch
#note cerndc provides gssapi auth, xldap does not.
#HOST cerndc.cern.ch # or xldap.cern.ch
#SIZELIMIT 12
#DEREF always
TLS_CACERTDIR /etc/openldap/certs
TLS_REQCERT demand
SSL start_tls
# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on
EOF
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment