remote KerberosGetAFSToken, its actually not a functional configuration option, even though it is listed in the man page, and commented out in the default config file. I filed a bug with debian (#607238)

2010-12-15 20:38:07 -05:00 · 2010-12-15 20:38:07 -05:00 · 0ec0562257
commit 0ec0562257
parent 167cf53271
2 changed files with 0 additions and 13 deletions
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -84,11 +84,6 @@
 #                               Valid values: yes or no
 #                               Default: no
 #
-# sshd_kerberos_getafstoken:    If AFS is active and user has a Kerberos 5 TGT, attempt to
-#                               acquire an AFS token before accessing the user's home directory.
-#                               Valid values: yes or no
-#                               Default: no
-#
 # sshd_kerberos_orlocalpasswd:  If password authentication through Kerberos fails, then the password
 #                               will be validated via any additional local mechanism.
 #                               Valid values: yes or no
@ -192,9 +187,6 @@ class sshd {
  case $sshd_kerberos_authentication {
    '': { $sshd_kerberos_authentication = 'no' }
  }
-  case $sshd_kerberos_getafstoken {
-    '': { $sshd_kerberos_getafstoken = 'no' }
-  }
  case $sshd_kerberos_orlocalpasswd {
    '': { $sshd_kerberos_orlocalpasswd = 'yes' }
  }
--- a/templates/sshd_config/Debian_squeeze.erb
+++ b/templates/sshd_config/Debian_squeeze.erb
@ -117,11 +117,6 @@ KerberosAuthentication yes
 <%- else -%>
 KerberosAuthentication no
 <%- end -%>
-<%- if sshd_kerberos_getafstoken.to_s == 'yes' then -%>
-KerberosGetAFSToken yes
-<%- else -%>
-KerberosGetAFSToken no
-<%- end -%>
 <%- if sshd_kerberos_orlocalpasswd.to_s == 'yes' then -%>
 KerberosOrLocalPasswd yes
 <%- else -%>