How krb5.conf is parsed (especially in respect to comments)
haba at kth.se
Mon Mar 26 21:26:11 CEST 2018
>> # The following krb5.conf variables are only for MIT Kerberos.
> The above is a comment.
I have not found a place describing this, but I did not serach too
> It is perfectly valid for a '#' to be present in a value string.
> A value string is all of the contents to the right of the equal sign
> until the end of line.
To the right of the equal sign and any following whitespace. So it
seems one can have whitespace inside the value but no value which
starts with whitespace. According to my tests these two values are the
file "/tmp/foo bar #"
default_cc_name = /tmp/foo bar #baz
default_cc_name =/tmp/foo bar #baz
klist: No ticket file: /tmp/foo bar #baz
So that probably means that both
> STRINGs consists of one or more non-whitespace characters.
from Heimdal man krb5.conf and kinits handing of
renew_lifetime = 3 days
Probably the documentation, kinit and verify_krb5_conf should agree
about the format.
More information about the Heimdal-discuss