Commit f7ccb91b authored by Jarek Polok's avatar Jarek Polok 💬
Browse files

added cern-wrappers cyrus-sasl-gssapi

parent 23db063d
......@@ -20,8 +20,6 @@ clearpart --all --initlabel
part / --fstype ext4 --size=1024 --grow
reboot
# note : no cern-wrappers for now .. since it pulls 22MB of perl ...
%packages --excludedocs --nobase --nocore
bash
bind-utils
......@@ -30,7 +28,10 @@ grub
hepix
iproute
iputils
openldap-clients
cern-wrappers
krb5-workstation
cyrus-sasl-gssapi
passwd
rootfiles
sl-release
......@@ -144,5 +145,27 @@ pam = {
EOF
cat > /etc/openldap/ldap.conf <<EOF
#
# LDAP CERN Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE DC=cern,DC=ch
#note cerndc provides gssapi auth, xldap does not.
#HOST cerndc.cern.ch # or xldap.cern.ch
#SIZELIMIT 12
#DEREF always
TLS_CACERTDIR /etc/openldap/certs
TLS_REQCERT demand
SSL start_tls
# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON on
EOF
%end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment