Linux localhost 5.4.0-198-generic #218-Ubuntu SMP Fri Sep 27 20:18:53 UTC 2024 x86_64
Apache/2.4.41 (Ubuntu)
: 23.92.16.63 | : 104.23.187.16
Cant Read [ /etc/named.conf ]
8.1.5
www-data
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
usr /
share /
augeas /
lenses /
dist /
tests /
[ HOME SHELL ]
Name
Size
Permission
Action
test_access.aug
3.44
KB
-rw-r--r--
test_activemq_conf.aug
758
B
-rw-r--r--
test_activemq_xml.aug
1.63
KB
-rw-r--r--
test_afs_cellalias.aug
1.31
KB
-rw-r--r--
test_aliases.aug
2.99
KB
-rw-r--r--
test_anaconda.aug
2.07
KB
-rw-r--r--
test_anacron.aug
1.21
KB
-rw-r--r--
test_approx.aug
1.44
KB
-rw-r--r--
test_apt_update_manager.aug
1.12
KB
-rw-r--r--
test_aptcacherngsecurity.aug
1.17
KB
-rw-r--r--
test_aptconf.aug
5.26
KB
-rw-r--r--
test_aptpreferences.aug
1.86
KB
-rw-r--r--
test_aptsources.aug
3.42
KB
-rw-r--r--
test_authorized_keys.aug
4.47
KB
-rw-r--r--
test_automaster.aug
1.53
KB
-rw-r--r--
test_automounter.aug
5.2
KB
-rw-r--r--
test_avahi.aug
545
B
-rw-r--r--
test_backuppchosts.aug
623
B
-rw-r--r--
test_bbhosts.aug
3.68
KB
-rw-r--r--
test_bootconf.aug
980
B
-rw-r--r--
test_build.aug
8.12
KB
-rw-r--r--
test_cachefilesd.aug
579
B
-rw-r--r--
test_carbon.aug
2.54
KB
-rw-r--r--
test_ceph.aug
4.86
KB
-rw-r--r--
test_cgconfig.aug
5.93
KB
-rw-r--r--
test_cgrules.aug
903
B
-rw-r--r--
test_channels.aug
4.72
KB
-rw-r--r--
test_chrony.aug
5.92
KB
-rw-r--r--
test_clamav.aug
8.48
KB
-rw-r--r--
test_cobblermodules.aug
620
B
-rw-r--r--
test_cobblersettings.aug
1.34
KB
-rw-r--r--
test_collectd.aug
1.3
KB
-rw-r--r--
test_cpanel.aug
1.62
KB
-rw-r--r--
test_cron.aug
1.96
KB
-rw-r--r--
test_cron_user.aug
779
B
-rw-r--r--
test_crypttab.aug
1.28
KB
-rw-r--r--
test_csv.aug
1.56
KB
-rw-r--r--
test_cups.aug
13.93
KB
-rw-r--r--
test_cyrus_imapd.aug
1.33
KB
-rw-r--r--
test_darkice.aug
575
B
-rw-r--r--
test_debctrl.aug
13.94
KB
-rw-r--r--
test_desktop.aug
1.23
KB
-rw-r--r--
test_devfsrules.aug
2.17
KB
-rw-r--r--
test_device_map.aug
797
B
-rw-r--r--
test_dhclient.aug
4.69
KB
-rw-r--r--
test_dhcpd.aug
15.07
KB
-rw-r--r--
test_dns_zone.aug
10.33
KB
-rw-r--r--
test_dnsmasq.aug
1.19
KB
-rw-r--r--
test_dovecot.aug
22.3
KB
-rw-r--r--
test_dpkg.aug
322
B
-rw-r--r--
test_dput.aug
3.37
KB
-rw-r--r--
test_erlang.aug
2.58
KB
-rw-r--r--
test_ethers.aug
1.4
KB
-rw-r--r--
test_exports.aug
1.69
KB
-rw-r--r--
test_fai_diskconfig.aug
15.04
KB
-rw-r--r--
test_fonts.aug
19.45
KB
-rw-r--r--
test_fstab.aug
4.45
KB
-rw-r--r--
test_fuse.aug
590
B
-rw-r--r--
test_gdm.aug
620
B
-rw-r--r--
test_getcap.aug
3.77
KB
-rw-r--r--
test_group.aug
1.09
KB
-rw-r--r--
test_grub.aug
10.04
KB
-rw-r--r--
test_grubenv.aug
2.44
KB
-rw-r--r--
test_gshadow.aug
359
B
-rw-r--r--
test_gtkbookmarks.aug
820
B
-rw-r--r--
test_host_conf.aug
834
B
-rw-r--r--
test_hostname.aug
103
B
-rw-r--r--
test_hosts.aug
1.78
KB
-rw-r--r--
test_hosts_access.aug
6.12
KB
-rw-r--r--
test_htpasswd.aug
468
B
-rw-r--r--
test_httpd.aug
16.32
KB
-rw-r--r--
test_inetd.aug
4.51
KB
-rw-r--r--
test_inifile.aug
11.64
KB
-rw-r--r--
test_inittab.aug
1.82
KB
-rw-r--r--
test_inputrc.aug
5.13
KB
-rw-r--r--
test_interfaces.aug
3.65
KB
-rw-r--r--
test_iproute2.aug
945
B
-rw-r--r--
test_iptables.aug
7.39
KB
-rw-r--r--
test_iscsid.aug
2.45
KB
-rw-r--r--
test_jaas.aug
5.35
KB
-rw-r--r--
test_jettyrealm.aug
982
B
-rw-r--r--
test_jmxaccess.aug
637
B
-rw-r--r--
test_jmxpassword.aug
653
B
-rw-r--r--
test_json.aug
17.26
KB
-rw-r--r--
test_kdump.aug
2.84
KB
-rw-r--r--
test_keepalived.aug
14.33
KB
-rw-r--r--
test_known_hosts.aug
1.79
KB
-rw-r--r--
test_koji.aug
1.65
KB
-rw-r--r--
test_krb5.aug
28.56
KB
-rw-r--r--
test_ldap.aug
398
B
-rw-r--r--
test_ldif.aug
3.88
KB
-rw-r--r--
test_ldso.aug
486
B
-rw-r--r--
test_lightdm.aug
3.98
KB
-rw-r--r--
test_limits.aug
924
B
-rw-r--r--
test_login_defs.aug
528
B
-rw-r--r--
test_logrotate.aug
7.95
KB
-rw-r--r--
test_logwatch.aug
322
B
-rw-r--r--
test_lokkit.aug
2.1
KB
-rw-r--r--
test_lvm.aug
4.56
KB
-rw-r--r--
test_mailscanner.aug
32.15
KB
-rw-r--r--
test_mailscanner_rules.aug
2.6
KB
-rw-r--r--
test_masterpasswd.aug
3.21
KB
-rw-r--r--
test_mcollective.aug
1.2
KB
-rw-r--r--
test_mdadm_conf.aug
2.52
KB
-rw-r--r--
test_memcached.aug
1.15
KB
-rw-r--r--
test_mke2fs.aug
2.13
KB
-rw-r--r--
test_modprobe.aug
4.07
KB
-rw-r--r--
test_modules.aug
229
B
-rw-r--r--
test_modules_conf.aug
3.23
KB
-rw-r--r--
test_mongodbserver.aug
775
B
-rw-r--r--
test_monit.aug
1.03
KB
-rw-r--r--
test_multipath.aug
6.5
KB
-rw-r--r--
test_mysql.aug
8.75
KB
-rw-r--r--
test_nagioscfg.aug
2.95
KB
-rw-r--r--
test_nagiosobjects.aug
1.69
KB
-rw-r--r--
test_netmasks.aug
640
B
-rw-r--r--
test_networkmanager.aug
1.27
KB
-rw-r--r--
test_networks.aug
1.16
KB
-rw-r--r--
test_nginx.aug
7.64
KB
-rw-r--r--
test_nrpe.aug
2.13
KB
-rw-r--r--
test_nslcd.aug
12.84
KB
-rw-r--r--
test_nsswitch.aug
1.54
KB
-rw-r--r--
test_ntp.aug
5.09
KB
-rw-r--r--
test_ntpd.aug
1.87
KB
-rw-r--r--
test_odbc.aug
1.62
KB
-rw-r--r--
test_opendkim.aug
5.66
KB
-rw-r--r--
test_openshift_config.aug
3.64
KB
-rw-r--r--
test_openshift_http.aug
2.16
KB
-rw-r--r--
test_openshift_quickstarts.aug
12.42
KB
-rw-r--r--
test_openvpn.aug
28.09
KB
-rw-r--r--
test_oz.aug
611
B
-rw-r--r--
test_pagekite.aug
2.75
KB
-rw-r--r--
test_pam.aug
2.13
KB
-rw-r--r--
test_pamconf.aug
1010
B
-rw-r--r--
test_passwd.aug
2.44
KB
-rw-r--r--
test_pbuilder.aug
531
B
-rw-r--r--
test_pg_hba.aug
6.1
KB
-rw-r--r--
test_pgbouncer.aug
1.97
KB
-rw-r--r--
test_php.aug
1.4
KB
-rw-r--r--
test_phpvars.aug
1.63
KB
-rw-r--r--
test_postfix_access.aug
1.52
KB
-rw-r--r--
test_postfix_main.aug
1.03
KB
-rw-r--r--
test_postfix_master.aug
3.77
KB
-rw-r--r--
test_postfix_passwordmap.aug
1.31
KB
-rw-r--r--
test_postfix_sasl_smtpd.aug
530
B
-rw-r--r--
test_postfix_transport.aug
1.58
KB
-rw-r--r--
test_postfix_virtual.aug
1.23
KB
-rw-r--r--
test_postgresql.aug
8.07
KB
-rw-r--r--
test_properties.aug
3.51
KB
-rw-r--r--
test_protocols.aug
1.3
KB
-rw-r--r--
test_puppet.aug
547
B
-rw-r--r--
test_puppet_auth.aug
1.1
KB
-rw-r--r--
test_puppetfile.aug
4.45
KB
-rw-r--r--
test_puppetfileserver.aug
949
B
-rw-r--r--
test_pylonspaste.aug
1.73
KB
-rw-r--r--
test_pythonpaste.aug
1.23
KB
-rw-r--r--
test_qpid.aug
1.3
KB
-rw-r--r--
test_quote.aug
8.66
KB
-rw-r--r--
test_rabbitmq.aug
3.66
KB
-rw-r--r--
test_radicale.aug
1.04
KB
-rw-r--r--
test_rancid.aug
706
B
-rw-r--r--
test_redis.aug
6.17
KB
-rw-r--r--
test_reprepro_uploaders.aug
4.68
KB
-rw-r--r--
test_resolv.aug
1.46
KB
-rw-r--r--
test_rhsm.aug
4.46
KB
-rw-r--r--
test_rmt.aug
826
B
-rw-r--r--
test_rsyncd.aug
1.27
KB
-rw-r--r--
test_rsyslog.aug
6.08
KB
-rw-r--r--
test_rtadvd.aug
859
B
-rw-r--r--
test_rx.aug
3.33
KB
-rw-r--r--
test_samba.aug
3.52
KB
-rw-r--r--
test_schroot.aug
2.25
KB
-rw-r--r--
test_securetty.aug
636
B
-rw-r--r--
test_semanage.aug
1.71
KB
-rw-r--r--
test_services.aug
2.87
KB
-rw-r--r--
test_shadow.aug
2.01
KB
-rw-r--r--
test_shells.aug
348
B
-rw-r--r--
test_shellvars.aug
19.05
KB
-rw-r--r--
test_shellvars_list.aug
4.18
KB
-rw-r--r--
test_simplelines.aug
724
B
-rw-r--r--
test_simplevars.aug
994
B
-rw-r--r--
test_sip_conf.aug
3.61
KB
-rw-r--r--
test_slapd.aug
3.03
KB
-rw-r--r--
test_smbusers.aug
664
B
-rw-r--r--
test_solaris_system.aug
2.48
KB
-rw-r--r--
test_soma.aug
424
B
-rw-r--r--
test_spacevars.aug
431
B
-rw-r--r--
test_splunk.aug
2.96
KB
-rw-r--r--
test_squid.aug
5.09
KB
-rw-r--r--
test_ssh.aug
3.12
KB
-rw-r--r--
test_sshd.aug
5.04
KB
-rw-r--r--
test_sssd.aug
896
B
-rw-r--r--
test_star.aug
1.56
KB
-rw-r--r--
test_strongswan.aug
2.57
KB
-rw-r--r--
test_stunnel.aug
791
B
-rw-r--r--
test_subversion.aug
3.06
KB
-rw-r--r--
test_sudoers.aug
9.9
KB
-rw-r--r--
test_sysconfig.aug
4.1
KB
-rw-r--r--
test_sysconfig_route.aug
522
B
-rw-r--r--
test_sysctl.aug
1.34
KB
-rw-r--r--
test_syslog.aug
11.05
KB
-rw-r--r--
test_systemd.aug
7.95
KB
-rw-r--r--
test_termcap.aug
16.69
KB
-rw-r--r--
test_thttpd.aug
1.17
KB
-rw-r--r--
test_tmpfiles.aug
9.94
KB
-rw-r--r--
test_toml.aug
7.92
KB
-rw-r--r--
test_trapperkeeper.aug
4.15
KB
-rw-r--r--
test_tuned.aug
259
B
-rw-r--r--
test_up2date.aug
6.23
KB
-rw-r--r--
test_updatedb.aug
855
B
-rw-r--r--
test_util.aug
428
B
-rw-r--r--
test_vfstab.aug
2.79
KB
-rw-r--r--
test_vmware_config.aug
1.7
KB
-rw-r--r--
test_vsftpd.aug
2.49
KB
-rw-r--r--
test_webmin.aug
195
B
-rw-r--r--
test_wine.aug
5.58
KB
-rw-r--r--
test_xendconfsxp.aug
7.74
KB
-rw-r--r--
test_xinetd.aug
2.78
KB
-rw-r--r--
test_xml.aug
20.04
KB
-rw-r--r--
test_xorg.aug
2.51
KB
-rw-r--r--
test_xymon.aug
4.29
KB
-rw-r--r--
test_xymon_alerting.aug
7.44
KB
-rw-r--r--
test_yaml.aug
1.34
KB
-rw-r--r--
test_yum.aug
7.28
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : test_krb5.aug
module Test_krb5 = (* Krb5.conf from Fermilab *) let fermi_str = "### ### This krb5.conf template is intended for use with Fermi ### Kerberos v1_2 and later. Earlier versions may choke on the ### \"auth_to_local = \" lines unless they are commented out. ### The installation process should do all the right things in ### any case, but if you are reading this and haven't updated ### your kerberos product to v1_2 or later, you really should! ### [libdefaults] ticket_lifetime = 1560m default_realm = FNAL.GOV ccache_type = 4 default_tgs_enCtypes = des-cbc-crc default_tkt_enctypes = des-cbc-crc permitted_enctypes = des-cbc-crc des3-cbc-sha1 default_lifetime = 7d renew_lifetime = 7d autologin = true forward = true forwardable = true renewable = true encrypt = true v4_name_convert = { host = { rcmd = host } } [realms] FNAL.GOV = { kdc = krb-fnal-1.fnal.gov:88 kdc = krb-fnal-2.fnal.gov:88 kdc = krb-fnal-3.fnal.gov:88 kdc = krb-fnal-4.fnal.gov:88 kdc = krb-fnal-5.fnal.gov:88 kdc = krb-fnal-6.fnal.gov:88 kdc = krb-fnal-7.fnal.gov:88 master_kdc = krb-fnal-admin.fnal.gov:88 admin_server = krb-fnal-admin.fnal.gov default_domain = fnal.gov } WIN.FNAL.GOV = { kdc = littlebird.win.fnal.gov:88 kdc = bigbird.win.fnal.gov:88 default_domain = fnal.gov } FERMI.WIN.FNAL.GOV = { kdc = sully.fermi.win.fnal.gov:88 kdc = elmo.fermi.win.fnal.gov:88 kdc = grover.fermi.win.fnal.gov:88 kdc = oscar.fermi.win.fnal.gov:88 kdc = cookie.fermi.win.fnal.gov:88 kdc = herry.fermi.win.fnal.gov:88 default_domain = fnal.gov } UCHICAGO.EDU = { kdc = kerberos-0.uchicago.edu kdc = kerberos-1.uchicago.edu kdc = kerberos-2.uchicago.edu admin_server = kerberos.uchicago.edu default_domain = uchicago.edu } PILOT.FNAL.GOV = { kdc = i-krb-2.fnal.gov:88 master_kdc = i-krb-2.fnal.gov:88 admin_server = i-krb-2.fnal.gov default_domain = fnal.gov } WINBETA.FNAL.GOV = { kdc = wbdc1.winbeta.fnal.gov:88 kdc = wbdc2.winbeta.fnal.gov:88 default_domain = fnal.gov } FERMIBETA.WINBETA.FNAL.GOV = { kdc = fbdc1.fermibeta.winbeta.fnal.gov:88 kdc = fbdc2.fermibeta.winbeta.fnal.gov:88 default_domain = fnal.gov } CERN.CH = { kdc = afsdb2.cern.ch kdc = afsdb3.cern.ch kdc = afsdb1.cern.ch default_domain = cern.ch kpasswd_server = afskrb5m.cern.ch admin_server = afskrb5m.cern.ch v4_name_convert = { host = { rcmd = host } } } 1TS.ORG = { kdc = kerberos.1ts.org admin_server = kerberos.1ts.org } stanford.edu = { kdc = krb5auth1.stanford.edu kdc = krb5auth2.stanford.edu kdc = krb5auth3.stanford.edu master_kdc = krb5auth1.stanford.edu admin_server = krb5-admin.stanford.edu default_domain = stanford.edu krb524_server = krb524.stanford.edu } [instancemapping] afs = { cron/* = \"\" cms/* = \"\" afs/* = \"\" e898/* = \"\" } [capaths] # FNAL.GOV and PILOT.FNAL.GOV are the MIT Kerberos Domains # FNAL.GOV is production and PILOT is for testing # The FERMI Windows domain uses the WIN.FNAL.GOV root realm # with the FERMI.WIN.FNAL.GOV sub-realm where machines and users # reside. The WINBETA and FERMIBETA domains are the equivalent # testing realms for the FERMIBETA domain. The 2-way transitive # trust structure of this complex is as follows: # # FNAL.GOV <=> PILOT.FNAL.GOV # FNAL.GOV <=> WIN.FERMI.GOV <=> FERMI.WIN.FERMI.GOV # PILOT.FNAL.GOV <=> WINBETA.FNAL.GOV <=> FERMIBETA.WINBETA.FNAL.GOV FNAL.GOV = { PILOT.FNAL.GOV = . FERMI.WIN.FNAL.GOV = WIN.FNAL.GOV WIN.FNAL.GOV = . FERMIBETA.WINBETA.FNAL.GOV = WINBETA.FNAL.GOV WINBETA.FNAL.GOV = PILOT.FNAL.GOV } PILOT.FNAL.GOV = { FNAL.GOV = . FERMI.WIN.FNAL.GOV = WIN.FNAL.GOV WIN.FNAL.GOV = FNAL.GOV FERMIBETA.WINBETA.FNAL.GOV = WINBETA.FNAL.GOV WINBETA.FNAL.GOV = . } WIN.FNAL.GOV = { FNAL.GOV = . PILOT.FNAL.GOV = FNAL.GOV FERMI.WIN.FNAL.GOV = . FERMIBETA.WINBETA.FNAL.GOV = WINBETA.FNAL.GOV WINBETA.FNAL.GOV = PILOT.FNAL.GOV } WINBETA.FNAL.GOV = { PILOT.FNAL.GOV = . FERMIBETA.WINBETA.FNAL.GOV = . FNAL.GOV = PILOT.FNAL.GOV FERMI.WIN.FNAL.GOV = WIN.FNAL.GOV WIN.FNAL.GOV = PILOT.FNAL.GOV } [logging] kdc = SYSLOG:info:local1 admin_server = SYSLOG:info:local2 default = SYSLOG:err:auth [domain_realm] # Fermilab's (non-windows-centric) domains .fnal.gov = FNAL.GOV .cdms-soudan.org = FNAL.GOV .deemz.net = FNAL.GOV .dhcp.fnal.gov = FNAL.GOV .minos-soudan.org = FNAL.GOV i-krb-2.fnal.gov = PILOT.FNAL.GOV .win.fnal.gov = WIN.FNAL.GOV .fermi.win.fnal.gov = FERMI.WIN.FNAL.GOV .winbeta.fnal.gov = WINBETA.FNAL.GOV .fermibeta.winbeta.fnal.gov = FERMIBETA.WINBETA.FNAL.GOV # Fermilab's KCA servers so FERMI.WIN principals work in FNAL.GOV realm # winserver.fnal.gov = FERMI.WIN.FNAL.GOV # winserver2.fnal.gov = FERMI.WIN.FNAL.GOVA # Accelerator nodes to FERMI.WIN for Linux/OS X users adgroups.fnal.gov = FERMI.WIN.FNAL.GOV adusers.fnal.gov = FERMI.WIN.FNAL.GOV webad.fnal.gov = FERMI.WIN.FNAL.GOV # Friends and family (by request) .cs.ttu.edu = FNAL.GOV .geol.uniovi.es = FNAL.GOV .harvard.edu = FNAL.GOV .hpcc.ttu.edu = FNAL.GOV .infn.it = FNAL.GOV .knu.ac.kr = FNAL.GOV .lns.mit.edu = FNAL.GOV .ph.liv.ac.uk = FNAL.GOV .pha.jhu.edu = FNAL.GOV .phys.ttu.edu = FNAL.GOV .phys.ualberta.ca = FNAL.GOV .physics.lsa.umich.edu = FNAL.GOV .physics.ucla.edu = FNAL.GOV .physics.ucsb.edu = FNAL.GOV .physics.utoronto.ca = FNAL.GOV .rl.ac.uk = FNAL.GOV .rockefeller.edu = FNAL.GOV .rutgers.edu = FNAL.GOV .sdsc.edu = FNAL.GOV .sinica.edu.tw = FNAL.GOV .tsukuba.jp.hep.net = FNAL.GOV .ucsd.edu = FNAL.GOV .unl.edu = FNAL.GOV .in2p3.fr = FNAL.GOV .wisc.edu = FNAL.GOV .pic.org.es = FNAL.GOV .kisti.re.kr = FNAL.GOV # The whole \"top half\" is replaced during \"ups installAsRoot krb5conf\", so: # It would probably be a bad idea to change anything on or above this line # If you need to add any .domains or hosts, put them here [domain_realm] mojo.lunet.edu = FNAL.GOV [appdefaults] default_lifetime = 7d retain_ccache = false autologin = true forward = true forwardable = true renewable = true encrypt = true krb5_aklog_path = /usr/bin/aklog telnet = { } rcp = { forward = true encrypt = false allow_fallback = true } rsh = { allow_fallback = true } rlogin = { allow_fallback = false } login = { forwardable = true krb5_run_aklog = false krb5_get_tickets = true krb4_get_tickets = false krb4_convert = false } kinit = { forwardable = true krb5_run_aklog = false } kadmin = { forwardable = false } rshd = { krb5_run_aklog = false } ftpd = { krb5_run_aklog = false default_lifetime = 10h } pam = { debug = false forwardable = true renew_lifetime = 7d ticket_lifetime = 1560m krb4_convert = true afs_cells = fnal.gov krb5_run_aklog = false } " test Krb5.lns get fermi_str = { "#comment" = "##" } { "#comment" = "## This krb5.conf template is intended for use with Fermi" } { "#comment" = "## Kerberos v1_2 and later. Earlier versions may choke on the" } { "#comment" = "## \"auth_to_local = \" lines unless they are commented out." } { "#comment" = "## The installation process should do all the right things in" } { "#comment" = "## any case, but if you are reading this and haven't updated" } { "#comment" = "## your kerberos product to v1_2 or later, you really should!" } { "#comment" = "##" } { "libdefaults" { "ticket_lifetime" = "1560m" } { "default_realm" = "FNAL.GOV" } { "ccache_type" = "4" } { "default_tgs_enctypes" = "des-cbc-crc" } { "#eol" } { "default_tkt_enctypes" = "des-cbc-crc" } { "#eol" } { "permitted_enctypes" = "des-cbc-crc" } { "permitted_enctypes" = "des3-cbc-sha1" } { "#eol" } { "default_lifetime" = "7d" } { "renew_lifetime" = "7d" } { "autologin" = "true" } { "forward" = "true" } { "forwardable" = "true" } { "renewable" = "true" } { "encrypt" = "true" } { "v4_name_convert" { "host" { "rcmd" = "host" } } } { } } { "realms" { "realm" = "FNAL.GOV" { "kdc" = "krb-fnal-1.fnal.gov:88" } { "kdc" = "krb-fnal-2.fnal.gov:88" } { "kdc" = "krb-fnal-3.fnal.gov:88" } { "kdc" = "krb-fnal-4.fnal.gov:88" } { "kdc" = "krb-fnal-5.fnal.gov:88" } { "kdc" = "krb-fnal-6.fnal.gov:88" } { "kdc" = "krb-fnal-7.fnal.gov:88" } { "master_kdc" = "krb-fnal-admin.fnal.gov:88" } { "admin_server" = "krb-fnal-admin.fnal.gov" } { "default_domain" = "fnal.gov" } } { "realm" = "WIN.FNAL.GOV" { "kdc" = "littlebird.win.fnal.gov:88" } { "kdc" = "bigbird.win.fnal.gov:88" } { "default_domain" = "fnal.gov" } } { "realm" = "FERMI.WIN.FNAL.GOV" { "kdc" = "sully.fermi.win.fnal.gov:88" } { "kdc" = "elmo.fermi.win.fnal.gov:88" } { "kdc" = "grover.fermi.win.fnal.gov:88" } { "kdc" = "oscar.fermi.win.fnal.gov:88" } { "kdc" = "cookie.fermi.win.fnal.gov:88" } { "kdc" = "herry.fermi.win.fnal.gov:88" } { "default_domain" = "fnal.gov" } } { "realm" = "UCHICAGO.EDU" { "kdc" = "kerberos-0.uchicago.edu" } { "kdc" = "kerberos-1.uchicago.edu" } { "kdc" = "kerberos-2.uchicago.edu" } { "admin_server" = "kerberos.uchicago.edu" } { "default_domain" = "uchicago.edu" } } { "realm" = "PILOT.FNAL.GOV" { "kdc" = "i-krb-2.fnal.gov:88" } { "master_kdc" = "i-krb-2.fnal.gov:88" } { "admin_server" = "i-krb-2.fnal.gov" } { "default_domain" = "fnal.gov" } } { "realm" = "WINBETA.FNAL.GOV" { "kdc" = "wbdc1.winbeta.fnal.gov:88" } { "kdc" = "wbdc2.winbeta.fnal.gov:88" } { "default_domain" = "fnal.gov" } } { "realm" = "FERMIBETA.WINBETA.FNAL.GOV" { "kdc" = "fbdc1.fermibeta.winbeta.fnal.gov:88" } { "kdc" = "fbdc2.fermibeta.winbeta.fnal.gov:88" } { "default_domain" = "fnal.gov" } } { "realm" = "CERN.CH" { "kdc" = "afsdb2.cern.ch" } { "kdc" = "afsdb3.cern.ch" } { "kdc" = "afsdb1.cern.ch" } { "default_domain" = "cern.ch" } { "kpasswd_server" = "afskrb5m.cern.ch" } { "admin_server" = "afskrb5m.cern.ch" } { "v4_name_convert" { "host" { "rcmd" = "host" } } } } { "realm" = "1TS.ORG" { "kdc" = "kerberos.1ts.org" } { "admin_server" = "kerberos.1ts.org" } } { "realm" = "stanford.edu" { "kdc" = "krb5auth1.stanford.edu" } { "kdc" = "krb5auth2.stanford.edu" } { "kdc" = "krb5auth3.stanford.edu" } { "master_kdc" = "krb5auth1.stanford.edu" } { "admin_server" = "krb5-admin.stanford.edu" } { "default_domain" = "stanford.edu" } { "krb524_server" = "krb524.stanford.edu" } } { } } { "instancemapping" { "afs" { "mapping" = "cron/*" { "value" = "" } } { "mapping" = "cms/*" { "value" = "" } } { "mapping" = "afs/*" { "value" = "" } } { "mapping" = "e898/*" { "value" = "" } } } { } } { "capaths" { } { "#comment" = "FNAL.GOV and PILOT.FNAL.GOV are the MIT Kerberos Domains" } { "#comment" = "FNAL.GOV is production and PILOT is for testing" } { "#comment" = "The FERMI Windows domain uses the WIN.FNAL.GOV root realm" } { "#comment" = "with the FERMI.WIN.FNAL.GOV sub-realm where machines and users" } { "#comment" = "reside. The WINBETA and FERMIBETA domains are the equivalent" } { "#comment" = "testing realms for the FERMIBETA domain. The 2-way transitive" } { "#comment" = "trust structure of this complex is as follows:" } {} { "#comment" = "FNAL.GOV <=> PILOT.FNAL.GOV" } { "#comment" = "FNAL.GOV <=> WIN.FERMI.GOV <=> FERMI.WIN.FERMI.GOV" } { "#comment" = "PILOT.FNAL.GOV <=> WINBETA.FNAL.GOV <=> FERMIBETA.WINBETA.FNAL.GOV" } { } { "FNAL.GOV" { "PILOT.FNAL.GOV" = "." } { "FERMI.WIN.FNAL.GOV" = "WIN.FNAL.GOV" } { "WIN.FNAL.GOV" = "." } { "FERMIBETA.WINBETA.FNAL.GOV" = "WINBETA.FNAL.GOV" } { "WINBETA.FNAL.GOV" = "PILOT.FNAL.GOV" } } { "PILOT.FNAL.GOV" { "FNAL.GOV" = "." } { "FERMI.WIN.FNAL.GOV" = "WIN.FNAL.GOV" } { "WIN.FNAL.GOV" = "FNAL.GOV" } { "FERMIBETA.WINBETA.FNAL.GOV" = "WINBETA.FNAL.GOV" } { "WINBETA.FNAL.GOV" = "." } } { "WIN.FNAL.GOV" { "FNAL.GOV" = "." } { "PILOT.FNAL.GOV" = "FNAL.GOV" } { "FERMI.WIN.FNAL.GOV" = "." } { "FERMIBETA.WINBETA.FNAL.GOV" = "WINBETA.FNAL.GOV" } { "WINBETA.FNAL.GOV" = "PILOT.FNAL.GOV" } } { "WINBETA.FNAL.GOV" { "PILOT.FNAL.GOV" = "." } { "FERMIBETA.WINBETA.FNAL.GOV" = "." } { "FNAL.GOV" = "PILOT.FNAL.GOV" } { "FERMI.WIN.FNAL.GOV" = "WIN.FNAL.GOV" } { "WIN.FNAL.GOV" = "PILOT.FNAL.GOV" } } { } } { "logging" { "kdc" { "syslog" { "severity" = "info" } { "facility" = "local1" } } } { "admin_server" { "syslog" { "severity" = "info" } { "facility" = "local2" } } } { "default" { "syslog" { "severity" = "err" } { "facility" = "auth" } } } { } } { "domain_realm" { "#comment" = "Fermilab's (non-windows-centric) domains" } { ".fnal.gov" = "FNAL.GOV" } { ".cdms-soudan.org" = "FNAL.GOV" } { ".deemz.net" = "FNAL.GOV" } { ".dhcp.fnal.gov" = "FNAL.GOV" } { ".minos-soudan.org" = "FNAL.GOV" } { "i-krb-2.fnal.gov" = "PILOT.FNAL.GOV" } { ".win.fnal.gov" = "WIN.FNAL.GOV" } { ".fermi.win.fnal.gov" = "FERMI.WIN.FNAL.GOV" } { ".winbeta.fnal.gov" = "WINBETA.FNAL.GOV" } { ".fermibeta.winbeta.fnal.gov" = "FERMIBETA.WINBETA.FNAL.GOV" } { "#comment" = "Fermilab's KCA servers so FERMI.WIN principals work in FNAL.GOV realm" } { "#comment" = "winserver.fnal.gov = FERMI.WIN.FNAL.GOV" } { "#comment" = "winserver2.fnal.gov = FERMI.WIN.FNAL.GOVA" } { "#comment" = "Accelerator nodes to FERMI.WIN for Linux/OS X users" } { "adgroups.fnal.gov" = "FERMI.WIN.FNAL.GOV" } { "adusers.fnal.gov" = "FERMI.WIN.FNAL.GOV" } { "webad.fnal.gov" = "FERMI.WIN.FNAL.GOV" } { "#comment" = "Friends and family (by request)" } { ".cs.ttu.edu" = "FNAL.GOV" } { ".geol.uniovi.es" = "FNAL.GOV" } { ".harvard.edu" = "FNAL.GOV" } { ".hpcc.ttu.edu" = "FNAL.GOV" } { ".infn.it" = "FNAL.GOV" } { ".knu.ac.kr" = "FNAL.GOV" } { ".lns.mit.edu" = "FNAL.GOV" } { ".ph.liv.ac.uk" = "FNAL.GOV" } { ".pha.jhu.edu" = "FNAL.GOV" } { ".phys.ttu.edu" = "FNAL.GOV" } { ".phys.ualberta.ca" = "FNAL.GOV" } { ".physics.lsa.umich.edu" = "FNAL.GOV" } { ".physics.ucla.edu" = "FNAL.GOV" } { ".physics.ucsb.edu" = "FNAL.GOV" } { ".physics.utoronto.ca" = "FNAL.GOV" } { ".rl.ac.uk" = "FNAL.GOV" } { ".rockefeller.edu" = "FNAL.GOV" } { ".rutgers.edu" = "FNAL.GOV" } { ".sdsc.edu" = "FNAL.GOV" } { ".sinica.edu.tw" = "FNAL.GOV" } { ".tsukuba.jp.hep.net" = "FNAL.GOV" } { ".ucsd.edu" = "FNAL.GOV" } { ".unl.edu" = "FNAL.GOV" } { ".in2p3.fr" = "FNAL.GOV" } { ".wisc.edu" = "FNAL.GOV" } { ".pic.org.es" = "FNAL.GOV" } { ".kisti.re.kr" = "FNAL.GOV" } { } { "#comment" = "The whole \"top half\" is replaced during \"ups installAsRoot krb5conf\", so:" } { "#comment" = "It would probably be a bad idea to change anything on or above this line" } { } { "#comment" = "If you need to add any .domains or hosts, put them here" } } { "domain_realm" { "mojo.lunet.edu" = "FNAL.GOV" } { } } { "appdefaults" { "default_lifetime" = "7d" } { "retain_ccache" = "false" } { "autologin" = "true" } { "forward" = "true" } { "forwardable" = "true" } { "renewable" = "true" } { "encrypt" = "true" } { "krb5_aklog_path" = "/usr/bin/aklog" } { } { "application" = "telnet" } { } { "application" = "rcp" { "forward" = "true" } { "encrypt" = "false" } { "allow_fallback" = "true" } } { } { "application" = "rsh" { "allow_fallback" = "true" } } { } { "application" = "rlogin" { "allow_fallback" = "false" } } { } { } { "application" = "login" { "forwardable" = "true" } { "krb5_run_aklog" = "false" } { "krb5_get_tickets" = "true" } { "krb4_get_tickets" = "false" } { "krb4_convert" = "false" } } { } { "application" = "kinit" { "forwardable" = "true" } { "krb5_run_aklog" = "false" } } { } { "application" = "kadmin" { "forwardable" = "false" } } { } { "application" = "rshd" { "krb5_run_aklog" = "false" } } { } { "application" = "ftpd" { "krb5_run_aklog" = "false" } { "default_lifetime" = "10h" } } { } { "application" = "pam" { "debug" = "false" } { "forwardable" = "true" } { "renew_lifetime" = "7d" } { "ticket_lifetime" = "1560m" } { "krb4_convert" = "true" } { "afs_cells" = "fnal.gov" } { "krb5_run_aklog" = "false" } } } (* Example from the krb5 distrubution *) let dist_str = "[libdefaults] default_realm = ATHENA.MIT.EDU krb4_config = /usr/kerberos/lib/krb.conf krb4_realms = /usr/kerberos/lib/krb.realms [realms] ATHENA.MIT.EDU = { admin_server = KERBEROS.MIT.EDU default_domain = MIT.EDU v4_instance_convert = { mit = mit.edu lithium = lithium.lcs.mit.edu } } ANDREW.CMU.EDU = { admin_server = vice28.fs.andrew.cmu.edu } # use \"kdc =\" if realm admins haven't put SRV records into DNS GNU.ORG = { kdc = kerberos.gnu.org kdc = kerberos-2.gnu.org admin_server = kerberos.gnu.org } [domain_realm] .mit.edu = ATHENA.MIT.EDU mit.edu = ATHENA.MIT.EDU .media.mit.edu = MEDIA-LAB.MIT.EDU media.mit.edu = MEDIA-LAB.MIT.EDU .ucsc.edu = CATS.UCSC.EDU [logging] # kdc = CONSOLE " test Krb5.lns get dist_str = { "libdefaults" { "default_realm" = "ATHENA.MIT.EDU" } { "krb4_config" = "/usr/kerberos/lib/krb.conf" } { "krb4_realms" = "/usr/kerberos/lib/krb.realms" } { } } { "realms" { "realm" = "ATHENA.MIT.EDU" { "admin_server" = "KERBEROS.MIT.EDU" } { "default_domain" = "MIT.EDU" } { "v4_instance_convert" { "mit" = "mit.edu" } { "lithium" = "lithium.lcs.mit.edu" } } } { "realm" = "ANDREW.CMU.EDU" { "admin_server" = "vice28.fs.andrew.cmu.edu" } } { "#comment" = "use \"kdc =\" if realm admins haven't put SRV records into DNS" } { "realm" = "GNU.ORG" { "kdc" = "kerberos.gnu.org" } { "kdc" = "kerberos-2.gnu.org" } { "admin_server" = "kerberos.gnu.org" } } { } } { "domain_realm" { ".mit.edu" = "ATHENA.MIT.EDU" } { "mit.edu" = "ATHENA.MIT.EDU" } { ".media.mit.edu" = "MEDIA-LAB.MIT.EDU" } { "media.mit.edu" = "MEDIA-LAB.MIT.EDU" } { ".ucsc.edu" = "CATS.UCSC.EDU" } { } } { "logging" { "#comment" = "kdc = CONSOLE" } } (* Test for [libdefaults] *) test Krb5.libdefaults get "[libdefaults] default_realm = ATHENA.MIT.EDU krb4_config = /usr/kerberos/lib/krb.conf krb4_realms = /usr/kerberos/lib/krb.realms\n\n" = { "libdefaults" { "default_realm" = "ATHENA.MIT.EDU" } { "krb4_config" = "/usr/kerberos/lib/krb.conf" } { "krb4_realms" = "/usr/kerberos/lib/krb.realms" } { } } (* Test for [appfdefaults] *) test Krb5.appdefaults get "[appdefaults]\n\tdefault_lifetime = 7d\n" = { "appdefaults" { "default_lifetime" = "7d" } } test Krb5.appdefaults get "[appdefaults]\nrcp = { \n forward = true\n encrypt = false\n }\n" = { "appdefaults" { "application" = "rcp" { "forward" = "true" } { "encrypt" = "false" } } } test Krb5.appdefaults get "[appdefaults]\ntelnet = {\n\t}\n" = { "appdefaults" { "application" = "telnet" } } test Krb5.appdefaults get "[appdefaults] rcp = { forward = true ATHENA.MIT.EDU = { encrypt = false } MEDIA-LAB.MIT.EDU = { encrypt = true } forwardable = true }\n" = { "appdefaults" { "application" = "rcp" { "forward" = "true" } { "realm" = "ATHENA.MIT.EDU" { "encrypt" = "false" } } { "realm" = "MEDIA-LAB.MIT.EDU" { "encrypt" = "true" } } { "forwardable" = "true" } } } let appdef = "[appdefaults] default_lifetime = 7d retain_ccache = false autologin = true forward = true forwardable = true renewable = true encrypt = true krb5_aklog_path = /usr/bin/aklog telnet = { } rcp = { forward = true encrypt = false allow_fallback = true } rsh = { allow_fallback = true } rlogin = { allow_fallback = false } login = { forwardable = true krb5_run_aklog = false krb5_get_tickets = true krb4_get_tickets = false krb4_convert = false } kinit = { forwardable = true krb5_run_aklog = false } kadmin = { forwardable = false } rshd = { krb5_run_aklog = false } ftpd = { krb5_run_aklog = false default_lifetime = 10h } pam = { debug = false forwardable = true renew_lifetime = 7d ticket_lifetime = 1560m krb4_convert = true afs_cells = fnal.gov krb5_run_aklog = false }\n" let appdef_tree = { "appdefaults" { "default_lifetime" = "7d" } { "retain_ccache" = "false" } { "autologin" = "true" } { "forward" = "true" } { "forwardable" = "true" } { "renewable" = "true" } { "encrypt" = "true" } { "krb5_aklog_path" = "/usr/bin/aklog" } { } { "application" = "telnet" } { } { "application" = "rcp" { "forward" = "true" } { "encrypt" = "false" } { "allow_fallback" = "true" } } { } { "application" = "rsh" { "allow_fallback" = "true" } } { } { "application" = "rlogin" { "allow_fallback" = "false" } } { } { } { "application" = "login" { "forwardable" = "true" } { "krb5_run_aklog" = "false" } { "krb5_get_tickets" = "true" } { "krb4_get_tickets" = "false" } { "krb4_convert" = "false" } } { } { "application" = "kinit" { "forwardable" = "true" } { "krb5_run_aklog" = "false" } } { } { "application" = "kadmin" { "forwardable" = "false" } } { } { "application" = "rshd" { "krb5_run_aklog" = "false" } } { } { "application" = "ftpd" { "krb5_run_aklog" = "false" } { "default_lifetime" = "10h" } } { } { "application" = "pam" { "debug" = "false" } { "forwardable" = "true" } { "renew_lifetime" = "7d" } { "ticket_lifetime" = "1560m" } { "krb4_convert" = "true" } { "afs_cells" = "fnal.gov" } { "krb5_run_aklog" = "false" } } } test Krb5.appdefaults get appdef = appdef_tree test Krb5.lns get appdef = appdef_tree (* Test realms section *) let realms_str = "[realms] ATHENA.MIT.EDU = { admin_server = KERBEROS.MIT.EDU default_domain = MIT.EDU database_module = ldapconf # test v4_instance_convert = { mit = mit.edu lithium = lithium.lcs.mit.edu } v4_realm = LCS.MIT.EDU }\n" test Krb5.lns get realms_str = { "realms" { "realm" = "ATHENA.MIT.EDU" { "admin_server" = "KERBEROS.MIT.EDU" } { "default_domain" = "MIT.EDU" } { "database_module" = "ldapconf" } { } { "#comment" = "test" } { "v4_instance_convert" { "mit" = "mit.edu" } { "lithium" = "lithium.lcs.mit.edu" } } { "v4_realm" = "LCS.MIT.EDU" } } } (* Test dpmain_realm section *) let domain_realm_str = "[domain_realm] .mit.edu = ATHENA.MIT.EDU mit.edu = ATHENA.MIT.EDU dodo.mit.edu = SMS_TEST.MIT.EDU .ucsc.edu = CATS.UCSC.EDU\n" test Krb5.lns get domain_realm_str = { "domain_realm" { ".mit.edu" = "ATHENA.MIT.EDU" } { "mit.edu" = "ATHENA.MIT.EDU" } { "dodo.mit.edu" = "SMS_TEST.MIT.EDU" } { ".ucsc.edu" = "CATS.UCSC.EDU" } } (* Test logging section *) let logging_str = "[logging] kdc = CONSOLE kdc = SYSLOG:INFO:DAEMON admin_server = FILE:/var/adm/kadmin.log admin_server = DEVICE=/dev/tty04\n" test Krb5.lns get logging_str = { "logging" { "kdc" { "console" } } { "kdc" { "syslog" { "severity" = "INFO" } { "facility" = "DAEMON" } } } { "admin_server" { "file" = "/var/adm/kadmin.log" } } { "admin_server" { "device" = "/dev/tty04" } } } (* Test capaths section *) let capaths_str = "[capaths] ANL.GOV = { TEST.ANL.GOV = . PNL.GOV = ES.NET NERSC.GOV = ES.NET ES.NET = . } TEST.ANL.GOV = { ANL.GOV = . } PNL.GOV = { ANL.GOV = ES.NET } NERSC.GOV = { ANL.GOV = ES.NET } ES.NET = { ANL.GOV = . }\n" test Krb5.lns get capaths_str = { "capaths" { "ANL.GOV" { "TEST.ANL.GOV" = "." } { "PNL.GOV" = "ES.NET" } { "NERSC.GOV" = "ES.NET" } { "ES.NET" = "." } } { "TEST.ANL.GOV" { "ANL.GOV" = "." } } { "PNL.GOV" { "ANL.GOV" = "ES.NET" } } { "NERSC.GOV" { "ANL.GOV" = "ES.NET" } } { "ES.NET" { "ANL.GOV" = "." } } } (* Test instancemapping *) test Krb5.instance_mapping get "[instancemapping] afs = { cron/* = \"\" cms/* = \"\" afs/* = \"\" e898/* = \"\" }\n" = { "instancemapping" { "afs" { "mapping" = "cron/*" { "value" = "" } } { "mapping" = "cms/*" { "value" = "" } } { "mapping" = "afs/*" { "value" = "" } } { "mapping" = "e898/*" { "value" = "" } } } } test Krb5.kdc get "[kdc] profile = /var/kerberos/krb5kdc/kdc.conf\n" = { "kdc" { "profile" = "/var/kerberos/krb5kdc/kdc.conf" } } (* v4_name_convert in libdefaults *) test Krb5.libdefaults get "[libdefaults] default_realm = MY.REALM clockskew = 300 v4_instance_resolve = false v4_name_convert = { host = { rcmd = host ftp = ftp } plain = { something = something-else } }\n" = { "libdefaults" { "default_realm" = "MY.REALM" } { "clockskew" = "300" } { "v4_instance_resolve" = "false" } { "v4_name_convert" { "host" { "rcmd" = "host" } { "ftp" = "ftp" } } { "plain" { "something" = "something-else" } } } } (* Test pam section *) let pam_str = "[pam] debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false " test Krb5.lns get pam_str = { "pam" { "debug" = "false" } { "ticket_lifetime" = "36000" } { "renew_lifetime" = "36000" } { "forwardable" = "true" } { "krb4_convert" = "false" } } (* Ticket #274 - multiple *enctypes values *) let multiple_enctypes = "[libdefaults] permitted_enctypes = arcfour-hmac-md5 arcfour-hmac des3-cbc-sha1 des-cbc-md5 des-cbc-crc aes128-cts default_tgs_enctypes = des3-cbc-sha1 des-cbc-md5 default_tkt_enctypes = des-cbc-md5 " test Krb5.lns get multiple_enctypes = { "libdefaults" { "permitted_enctypes" = "arcfour-hmac-md5" } { "permitted_enctypes" = "arcfour-hmac" } { "permitted_enctypes" = "des3-cbc-sha1" } { "permitted_enctypes" = "des-cbc-md5" } { "permitted_enctypes" = "des-cbc-crc" } { "permitted_enctypes" = "aes128-cts" } { "#eol" } { "default_tgs_enctypes" = "des3-cbc-sha1" } { "default_tgs_enctypes" = "des-cbc-md5" } { "#eol" } { "default_tkt_enctypes" = "des-cbc-md5" } { "#eol" } } (* Ticket #274 - v4_name_convert subsection *) let v4_name_convert = "[realms] EXAMPLE.COM = { kdc = kerberos.example.com:88 admin_server = kerberos.example.com:749 default_domain = example.com ticket_lifetime = 12h v4_name_convert = { host = { rcmd = host } } } " test Krb5.lns get v4_name_convert = { "realms" { "realm" = "EXAMPLE.COM" { "kdc" = "kerberos.example.com:88" } { "admin_server" = "kerberos.example.com:749" } { "default_domain" = "example.com" } { "ticket_lifetime" = "12h" } { "v4_name_convert" { "host" { "rcmd" = "host" } } } } } (* Ticket #288: semicolons for comments *) test Krb5.lns get "; AD : This Kerberos configuration is for CERN's Active Directory realm.\n" = { "#comment" = "AD : This Kerberos configuration is for CERN's Active Directory realm." } (* RHBZ#1066419: braces in values *) test Krb5.lns get "[libdefaults]\n default_ccache_name = KEYRING:persistent:%{uid}\n" = { "libdefaults" { } { "default_ccache_name" = "KEYRING:persistent:%{uid}" } } (* Include(dir) test *) let include_test = "include /etc/krb5.other_conf.d/other.conf includedir /etc/krb5.conf.d/ " test Krb5.lns get include_test = { "include" = "/etc/krb5.other_conf.d/other.conf" } { "includedir" = "/etc/krb5.conf.d/" }
Close
