[PROPOSAL] Require builtin or system krb5 libs
Stefan (metze) Metzmacher
metze at samba.org
Thu Jan 5 06:01:33 MST 2012
>>>> Why not? We have a large amount of code and complexity created by
>>>> trying (and failing, see 3.5.11, recent master) to support building
>>>> without Kerberos. As nobody noticed until now, clearly our users accept
>>>> the need for a Kerberos library to build Samba.
>>> Recently I fixed a master build without Kerberos. See
>>> 48804e4. At least the compile went fine..
>> And I do thank you for doing that.
>> My point here is to avoid us needing to keep doing this in future, and
>> to remove some small part of Samba's complexity that having optional
>> kerberos brings.
> And my point is to object to that. I am perfectly happy with
> us requiring a certain recent Kerberos library level if we
> do Kerberos, but we need to run without Kerberos as well.
I also think we should build without any kerberos support, I'm
happy to use only HAVE_ADS (--with-ads=no) for that,
instead of HAVE_ADS, HAVE_KRB5 and HAVE_GSSAPI wildly mixed.
When we have hidden most of the krb5/gssapi stuff behind the gensec
it shouldn't be that complex to maintain.
Most of the pain is really to work around incomplete/incompatible
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 262 bytes
Desc: OpenPGP digital signature
More information about the samba-technical