Initiate KerberosIV de-orbit burn. Disconnect the /etc configs.

author: markm <markm@FreeBSD.org> 2003-03-08 09:50:11 +0000
committer: markm <markm@FreeBSD.org> 2003-03-08 09:50:11 +0000
commit: ecc5f917a32dec1377ee5baaa772c8d7a3e045c6 (patch)
tree: 3a6a8bc1b149619cfd9622c9da807d5541bfdf1d /etc
parent: 71eb06a12b9f569cb83c8eff63f7c26daccc67da (diff)
download: FreeBSD-src-ecc5f917a32dec1377ee5baaa772c8d7a3e045c6.zip
FreeBSD-src-ecc5f917a32dec1377ee5baaa772c8d7a3e045c6.tar.gz
19 files changed, 0 insertions, 132 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index 13ab293..e93994b 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -147,10 +147,6 @@ named_symlink_enable="YES"	# Symlink /var/run/named.pid and /var/run/ndc
 #
 # kerberos. Do not run the admin daemons on slave servers
 #
-kerberos4_server_enable="NO"	# Run a kerberos IV master server (or NO).
-kerberos4_server="/usr/sbin/kerberos"	# path to kerberos IV KDC
-kadmind4_server_enable="NO"	# Run kadmind (or NO)
-kadmind4_server="/usr/sbin/kadmind"	# path to kerberos IV admin daemon
 kerberos5_server_enable="NO"	# Run a kerberos 5 master server (or NO).
 kerberos5_server="/usr/libexec/kdc"	# path to kerberos 5 KDC
 kadmind5_server_enable="NO"	# Run kadmind (or NO)
diff --git a/etc/kerberosIV/README b/etc/kerberosIV/README
deleted file mode 100644
index e57916c..0000000
--- a/etc/kerberosIV/README
+++ /dev/null
@@ -1,36 +0,0 @@
-# $FreeBSD$
-#	@(#)README	5.1 (Berkeley) 6/30/90
-
-Notes about the contents of the /etc/kerberosIV directory:
-
-The file master_key contains a copy of the master key under which the
-entire Kerberos database is encrypted.  Disclosing this key would be bad
-news.  The reason it is stored in the filesystem is because the following
-programs need to inspect or modify the kerberos database, and so the key
-must be available for them, (or else it would have to be typed in by
-hand):
-		- kerberos (the server itself)
-		- registerd (for new user registration)
-		- kpasswdd (for changing passwords)
-
-The srvtab file contains the encryption keys for each service on the local
-host.  Any host offering network services would have a key here, although
-many such files can be used.
-
-The principal.* files comprise the Kerberos database itself, and contain
-keys for all principles, and should not be world-readable.
-
-The kerberos.conf file contains the configuration for this machine:
-	- which realm I'm in
-	- which servers I should talk to for this realm
-
-The kerberos.realms file contains the name of Kerberos servers for
-various (sub)domains.
-
-Kerberos log information it placed in /var/log/kerberos.log
-(see rc.local to change it)
-
-The register_keys directory contains a set of files (all of which begin
-with "."), each of which contains a des key used for registering new users
-with the system.  It is used only by the "registerd" program, and only on
-a Kerberos server host.
diff --git a/etc/kerberosIV/krb.conf b/etc/kerberosIV/krb.conf
deleted file mode 100644
index 11ac1ac..0000000
--- a/etc/kerberosIV/krb.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-CS.BERKELEY.EDU
-CS.BERKELEY.EDU	okeeffe.berkeley.edu
-ATHENA.MIT.EDU kerberos.mit.edu
-ATHENA.MIT.EDU kerberos-1.mit.edu
-ATHENA.MIT.EDU kerberos-2.mit.edu
-ATHENA.MIT.EDU kerberos-3.mit.edu
-LCS.MIT.EDU kerberos.lcs.mit.edu
-TELECOM.MIT.EDU bitsy.mit.edu
-ARC.NASA.GOV trident.arc.nasa.gov
diff --git a/etc/kerberosIV/krb.realms b/etc/kerberosIV/krb.realms
deleted file mode 100644
index 1f1bec5..0000000
--- a/etc/kerberosIV/krb.realms
+++ /dev/null
@@ -1,3 +0,0 @@
-.berkeley.edu	CS.BERKELEY.EDU
-.MIT.EDU	ATHENA.MIT.EDU
-.mit.edu	ATHENA.MIT.EDU
diff --git a/etc/mtree/BSD.root.dist b/etc/mtree/BSD.root.dist
index 7360708..1b972c8 100644
--- a/etc/mtree/BSD.root.dist
+++ b/etc/mtree/BSD.root.dist
@@ -26,8 +26,6 @@
         ..
         isdn            mode=0700
         ..
-        kerberosIV
-        ..
         mail
         ..
         mtree
diff --git a/etc/pam.d/ftpd b/etc/pam.d/ftpd
index 475162d..35bb2d1 100644
--- a/etc/pam.d/ftpd
+++ b/etc/pam.d/ftpd
@@ -8,17 +8,14 @@
 auth		required	pam_nologin.so		no_warn
 auth		sufficient	pam_opie.so		no_warn no_fake_prompts
 auth		requisite	pam_opieaccess.so	no_warn allow_local
-#auth		sufficient	pam_kerberosIV.so	no_warn
 #auth		sufficient	pam_krb5.so		no_warn
 #auth           sufficient      pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 session		required	pam_permit.so
diff --git a/etc/pam.d/gdm b/etc/pam.d/gdm
index 7b391b7..c0bceaf 100644
--- a/etc/pam.d/gdm
+++ b/etc/pam.d/gdm
@@ -6,18 +6,15 @@
 
 # auth
 auth		required	pam_nologin.so		no_warn
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	optional	pam_ssh.so
 session		required	pam_permit.so
diff --git a/etc/pam.d/imap b/etc/pam.d/imap
index b9d3829..cba8af9 100644
--- a/etc/pam.d/imap
+++ b/etc/pam.d/imap
@@ -6,7 +6,6 @@
 
 # auth
 #auth		required	pam_nologin.so		no_warn
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
diff --git a/etc/pam.d/kde b/etc/pam.d/kde
index 7b0ea45..808f5cf 100644
--- a/etc/pam.d/kde
+++ b/etc/pam.d/kde
@@ -6,18 +6,15 @@
 
 # auth
 auth		required	pam_nologin.so		no_warn
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	optional	pam_ssh.so
 session		required	pam_permit.so
diff --git a/etc/pam.d/login b/etc/pam.d/login
index 9b9f2ed..b4c5c49 100644
--- a/etc/pam.d/login
+++ b/etc/pam.d/login
@@ -9,25 +9,21 @@ auth		required	pam_nologin.so		no_warn
 auth		sufficient	pam_self.so		no_warn
 auth		sufficient	pam_opie.so		no_warn no_fake_prompts
 auth		requisite	pam_opieaccess.so	no_warn allow_local
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass nullok
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_login_access.so
 account		required	pam_securetty.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	optional	pam_ssh.so
 session		required	pam_lastlog.so		no_fail
 
 # password
-#password	sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #password	sufficient	pam_krb5.so		no_warn try_first_pass
 password	required	pam_unix.so		no_warn try_first_pass
diff --git a/etc/pam.d/other b/etc/pam.d/other
index 648cd20..cb6d660 100644
--- a/etc/pam.d/other
+++ b/etc/pam.d/other
@@ -8,19 +8,16 @@
 auth		required	pam_nologin.so		no_warn
 auth		sufficient	pam_opie.so		no_warn no_fake_prompts
 auth		requisite	pam_opieaccess.so	no_warn allow_local
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_login_access.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	optional	pam_ssh.so
 session		required	pam_permit.so
diff --git a/etc/pam.d/pop3 b/etc/pam.d/pop3
index 3e91558..34d6cc0 100644
--- a/etc/pam.d/pop3
+++ b/etc/pam.d/pop3
@@ -6,7 +6,6 @@
 
 # auth
 #auth		required	pam_nologin.so		no_warn
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
diff --git a/etc/pam.d/sshd b/etc/pam.d/sshd
index 7d5aea0..34c0b60 100644
--- a/etc/pam.d/sshd
+++ b/etc/pam.d/sshd
@@ -8,24 +8,20 @@
 auth		required	pam_nologin.so		no_warn
 auth		sufficient	pam_opie.so		no_warn no_fake_prompts
 auth		requisite	pam_opieaccess.so	no_warn allow_local
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_login_access.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	optional	pam_ssh.so
 session		required	pam_permit.so
 
 # password
-#password	sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #password	sufficient	pam_krb5.so		no_warn try_first_pass
 password	required	pam_unix.so		no_warn try_first_pass
diff --git a/etc/pam.d/su b/etc/pam.d/su
index a31ee5c..2a2c38f 100644
--- a/etc/pam.d/su
+++ b/etc/pam.d/su
@@ -10,17 +10,14 @@ auth		sufficient	pam_self.so		no_warn
 auth		requisite	pam_group.so		no_warn root_only fail_safe
 auth		sufficient	pam_opie.so		no_warn no_fake_prompts
 auth		requisite	pam_opieaccess.so	no_warn allow_local
-#auth		sufficient	pam_kerberosIV.so	no_warn
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass auth_as_self
 #auth		required	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass nullok
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	optional	pam_ssh.so
diff --git a/etc/pam.d/telnetd b/etc/pam.d/telnetd
index c43bf71..62f2685 100644
--- a/etc/pam.d/telnetd
+++ b/etc/pam.d/telnetd
@@ -8,24 +8,20 @@
 auth		required	pam_nologin.so		no_warn
 auth		sufficient	pam_opie.so		no_warn no_fake_prompts
 auth		requisite	pam_opieaccess.so	no_warn allow_local
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_login_access.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	optional	pam_ssh.so
 session		required	pam_lastlog.so		no_fail
 
 # password
-#password	sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #password	sufficient	pam_krb5.so		no_warn try_first_pass
 password	required	pam_unix.so		no_warn try_first_pass
diff --git a/etc/pam.d/xdm b/etc/pam.d/xdm
index d6619153..8ce90c8 100644
--- a/etc/pam.d/xdm
+++ b/etc/pam.d/xdm
@@ -6,18 +6,15 @@
 
 # auth
 auth		required	pam_nologin.so		no_warn
-#auth		sufficient	pam_kerberosIV.so	no_warn try_first_pass
 #auth		sufficient	pam_krb5.so		no_warn try_first_pass
 #auth		sufficient	pam_ssh.so		no_warn try_first_pass
 auth		required	pam_unix.so		no_warn try_first_pass
 
 # account
-#account 	required	pam_kerberosIV.so
 #account 	required	pam_krb5.so
 account		required	pam_unix.so
 
 # session
-#session 	required	pam_kerberosIV.so
 #session 	required	pam_krb5.so
 #session 	required	pam_ssh.so		want_agent
 session		required	pam_permit.so
diff --git a/etc/rc.d/kadmind b/etc/rc.d/kadmind
index c6001c6..6715115 100644
--- a/etc/rc.d/kadmind
+++ b/etc/rc.d/kadmind
@@ -10,15 +10,6 @@
 
 . /etc/rc.subr
 
-name="kadmindIV"
-load_rc_config $name
-rcvar=`set_rcvar kadmind4_server`
-checkyesno kerberos_stash && stash='-n' || stash=
-start_cmd="( sleep 20; ${kadmind4_server} ${stash} > /dev/null 2>&1 & ) &"
-required_vars="kerberos4_server_enable"
-
-run_rc_command "$1"
-
 name="kadmind5"
 load_rc_config $name
 rcvar="kadmind5_server_enable"
diff --git a/etc/rc.d/kerberos b/etc/rc.d/kerberos
index fbd45ba..5d4f0f6 100644
--- a/etc/rc.d/kerberos
+++ b/etc/rc.d/kerberos
@@ -9,15 +9,6 @@
 
 . /etc/rc.subr
 
-name="kerberosIV"
-load_rc_config $name
-rcvar="kerberos4_server_enable"
-command="${kerberos4_server}"
-checkyesno kerberos_stash && stash='-n' || stash=
-command_args="${stash} >> /var/log/kerberos.log &"
-
-run_rc_command "$1"
-
 name="kerberos5"
 load_rc_config $name
 rcvar="kerberos5_server_enable"
diff --git a/etc/rc.network b/etc/rc.network
index 6ae5d5a..9cb6648 100644
--- a/etc/rc.network
+++ b/etc/rc.network
@@ -812,34 +812,6 @@ network_pass3() {
 		;;
 	esac
 
-	# Kerberos servers run ONLY on the Kerberos server machine
-	case ${kerberos4_server_enable} in
-	[Yy][Ee][Ss])
-		case ${kerberos_stash} in
-		[Yy][Ee][Ss])
-			stash=-n
-			;;
-		*)
-			stash=
-			;;
-		esac
-
-		echo -n ' kerberosIV'
-		${kerberos4_server} ${stash} >> /var/log/kerberos.log &
-
-		case ${kadmind4_server_enable} in
-		[Yy][Ee][Ss])
-			echo -n ' kadmindIV'
-			(
-				sleep 20;
-				${kadmind4_server} ${stash} >/dev/null 2>&1 &
-			) &
-			;;
-		esac
-		unset stash_flag
-		;;
-	esac
-
 	case ${kerberos5_server_enable} in
 	[Yy][Ee][Ss])
 		echo -n ' kerberos5'
author	markm <markm@FreeBSD.org>	2003-03-08 09:50:11 +0000
committer	markm <markm@FreeBSD.org>	2003-03-08 09:50:11 +0000
commit	ecc5f917a32dec1377ee5baaa772c8d7a3e045c6 (patch)
tree	3a6a8bc1b149619cfd9622c9da807d5541bfdf1d /etc
parent	71eb06a12b9f569cb83c8eff63f7c26daccc67da (diff)
download	FreeBSD-src-ecc5f917a32dec1377ee5baaa772c8d7a3e045c6.zip FreeBSD-src-ecc5f917a32dec1377ee5baaa772c8d7a3e045c6.tar.gz