diff options
Diffstat (limited to 'nixpkgs/nixos/tests/krb5/example-config.nix')
-rw-r--r-- | nixpkgs/nixos/tests/krb5/example-config.nix | 140 |
1 files changed, 73 insertions, 67 deletions
diff --git a/nixpkgs/nixos/tests/krb5/example-config.nix b/nixpkgs/nixos/tests/krb5/example-config.nix index 9a5c3b2af249..33bed481b39f 100644 --- a/nixpkgs/nixos/tests/krb5/example-config.nix +++ b/nixpkgs/nixos/tests/krb5/example-config.nix @@ -4,78 +4,77 @@ import ../make-test-python.nix ({ pkgs, ...} : { name = "krb5-with-example-config"; meta = with pkgs.lib.maintainers; { - maintainers = [ eqyiel ]; + maintainers = [ eqyiel dblsaiko ]; }; nodes.machine = { pkgs, ... }: { - krb5 = { + security.krb5 = { enable = true; - kerberos = pkgs.krb5; - libdefaults = { - default_realm = "ATHENA.MIT.EDU"; - }; - realms = { - "ATHENA.MIT.EDU" = { - admin_server = "athena.mit.edu"; - kdc = [ - "athena01.mit.edu" - "athena02.mit.edu" - ]; + package = pkgs.krb5; + settings = { + includedir = [ + "/etc/krb5.conf.d" + ]; + include = [ + "/etc/krb5-extra.conf" + ]; + libdefaults = { + default_realm = "ATHENA.MIT.EDU"; }; - }; - domain_realm = { - "example.com" = "EXAMPLE.COM"; - ".example.com" = "EXAMPLE.COM"; - }; - capaths = { - "ATHENA.MIT.EDU" = { - "EXAMPLE.COM" = "."; + realms = { + "ATHENA.MIT.EDU" = { + admin_server = "athena.mit.edu"; + kdc = [ + "athena01.mit.edu" + "athena02.mit.edu" + ]; + }; }; - "EXAMPLE.COM" = { - "ATHENA.MIT.EDU" = "."; + domain_realm = { + "example.com" = "EXAMPLE.COM"; + ".example.com" = "EXAMPLE.COM"; }; - }; - appdefaults = { - pam = { - debug = false; - ticket_lifetime = 36000; - renew_lifetime = 36000; - max_timeout = 30; - timeout_shift = 2; - initial_timeout = 1; + capaths = { + "ATHENA.MIT.EDU" = { + "EXAMPLE.COM" = "."; + }; + "EXAMPLE.COM" = { + "ATHENA.MIT.EDU" = "."; + }; }; - }; - plugins = { - ccselect = { - disable = "k5identity"; + appdefaults = { + pam = { + debug = false; + ticket_lifetime = 36000; + renew_lifetime = 36000; + max_timeout = 30; + timeout_shift = 2; + initial_timeout = 1; + }; + }; + plugins.ccselect.disable = "k5identity"; + logging = { + kdc = "SYSLOG:NOTICE"; + admin_server = "SYSLOG:NOTICE"; + default = "SYSLOG:NOTICE"; }; }; - extraConfig = '' - [logging] - kdc = SYSLOG:NOTICE - admin_server = SYSLOG:NOTICE - default = SYSLOG:NOTICE - ''; }; }; testScript = let snapshot = pkgs.writeText "krb5-with-example-config.conf" '' - [libdefaults] - default_realm = ATHENA.MIT.EDU - - [realms] - ATHENA.MIT.EDU = { - admin_server = athena.mit.edu - kdc = athena01.mit.edu - kdc = athena02.mit.edu + [appdefaults] + pam = { + debug = false + initial_timeout = 1 + max_timeout = 30 + renew_lifetime = 36000 + ticket_lifetime = 36000 + timeout_shift = 2 } - [domain_realm] - .example.com = EXAMPLE.COM - example.com = EXAMPLE.COM - [capaths] ATHENA.MIT.EDU = { EXAMPLE.COM = . @@ -84,25 +83,32 @@ import ../make-test-python.nix ({ pkgs, ...} : { ATHENA.MIT.EDU = . } - [appdefaults] - pam = { - debug = false - initial_timeout = 1 - max_timeout = 30 - renew_lifetime = 36000 - ticket_lifetime = 36000 - timeout_shift = 2 - } + [domain_realm] + .example.com = EXAMPLE.COM + example.com = EXAMPLE.COM + + [libdefaults] + default_realm = ATHENA.MIT.EDU + + [logging] + admin_server = SYSLOG:NOTICE + default = SYSLOG:NOTICE + kdc = SYSLOG:NOTICE [plugins] ccselect = { disable = k5identity } - [logging] - kdc = SYSLOG:NOTICE - admin_server = SYSLOG:NOTICE - default = SYSLOG:NOTICE + [realms] + ATHENA.MIT.EDU = { + admin_server = athena.mit.edu + kdc = athena01.mit.edu + kdc = athena02.mit.edu + } + + include /etc/krb5-extra.conf + includedir /etc/krb5.conf.d ''; in '' machine.succeed( |