containers
/
toolbox
mirror of https://github.com/containers/toolbox.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cmd/initContainer: Split out the code to configure Kerberos 

This is meant to reduce the size of the initContainer() function that
implements the heart of the 'init-container' command.

The debug log and error message were tweaked to match the name of the
function and for consistency with the configureRPM() function.

https://github.com/containers/toolbox/pull/1631
This commit is contained in:
Debarshi Ray 2025-04-29 22:26:28 +02:00
parent 06f81546ef
commit ee182260b7
1 changed files with 30 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
src/cmd/initContainer.go
View File

@ -297,24 +297,8 @@ func initContainer(cmd *cobra.Command, args []string) error {
} }
} }
if utils.PathExists("/etc/krb5.conf.d") && !utils.PathExists("/etc/krb5.conf.d/kcm_default_ccache") { if err := configureKerberos(); err != nil {
logrus.Debug("Setting KCM as the default Kerberos credential cache") return err
kcmConfigString := `# Written by Toolbx
# https://github.com/containers/toolbox
#
# # To disable the KCM credential cache, comment out the following lines.
[libdefaults]
default_ccache_name = KCM:
`
kcmConfigBytes := []byte(kcmConfigString)
if err := ioutil.WriteFile("/etc/krb5.conf.d/kcm_default_ccache",
kcmConfigBytes,
0644); err != nil {
return errors.New("failed to set KCM as the default Kerberos credential cache")
}
} }
if err := configureRPM(); err != nil { if err := configureRPM(); err != nil {
@ -553,6 +537,34 @@ func applyCDISpecForNvidiaHookUpdateLDCache(hookArgs []string) error {
return nil return nil
} }
func configureKerberos() error {
if !utils.PathExists("/etc/krb5.conf.d") {
return nil
}
if utils.PathExists("/etc/krb5.conf.d/kcm_default_ccache") {
return nil
}
logrus.Debug("Configuring Kerberos to use KCM as the default credential cache")
kcmConfigString := `# Written by Toolbx
# https://github.com/containers/toolbox
#
# # To disable the KCM credential cache, comment out the following lines.
[libdefaults]
default_ccache_name = KCM:
`
kcmConfigBytes := []byte(kcmConfigString)
if err := ioutil.WriteFile("/etc/krb5.conf.d/kcm_default_ccache", kcmConfigBytes, 0644); err != nil {
return errors.New("failed to configure Kerberos to use KCM as the default credential cache")
}
return nil
}
func configureRPM() error { func configureRPM() error {
if !utils.PathExists("/usr/lib/rpm/macros.d") { if !utils.PathExists("/usr/lib/rpm/macros.d") {
return nil return nil