A quick and easy docker image for testing against a kerberos. Comes in two flavors MIT kerberos and heimdal.
# MIT kerberos
$ docker build -f Dockerfile.mit -t krb5-alpine .
# Heimdal
$ docker build -f Dockerfile.heimdal -t heimdal-alpine .
$ docker run --rm -ti -p 127.0.0.1:8888:88 -p 127.0.0.1:7749:749 -v $(pwd)/keytabs:/opt/keytabs -e PRINCIPALS="pwman:pwmantest markus:test" -e REALM=NORDU.NET krb5-alpine
$ docker run --rm -ti -p 127.0.0.1:8888:88 -p 127.0.0.1:7749:749 -v $(pwd)/keytabs:/opt/keytabs -e PRINCIPALS="pwman:pwmantest markus:test" -e REALM=NORDU.NET heimdal-alpine
PRINCIPALSa space seperated string defining principals to create. For random password just skip the:password. e.g.markus/admin:pwmantest markusDefaults topwman:pwmantestREALMthe realm to use defaults toEXAMPLE.COM
- The acl is done in
/opt/heimdal/kadmind.aclor/opt/krb5/kadm5.acl. Changes tokadmincd.aclin heimdal requires container restart. /etc/krb5.confdefault kerberos config/var/lib/krb5kdc/kdc.confMIT KDC config