Change keytab names to reflect smtp/ principal

In order to get kerberized SMTP by Postfix backending onto Dovecot's SASL
implementation, Dovecot needs to have access to an smtp/olinda.dehnerts.com key
(as well as an imap/olinda.dehnerts.com key for the IMAP). Sticking
smtp/olinda.dehnerts.com in a file named imap.keytab seemed silly, so I renamed
that file to olinda.keytab and added the smtp/ key. Getting and using the new
principal (and reconfiguring the MUA's like Thunderbird) turns out to be the
only config change required.

diff --git a/conf.d/10-auth.conf b/conf.d/10-auth.conf
index b7f554b698527701c5127ffd75300c54f4733a4c..5a69bccf903a2260b60db87c7083614648c683f9 100644 (file)
--- a/conf.d/10-auth.conf
+++ b/conf.d/10-auth.conf
@@ -72,7 +72,7 @@
 # Kerberos keytab to use for the GSSAPI mechanism. Will use the system
 # default (usually /etc/krb5.keytab) if not specified. You may need to change
 # the auth service to run as root to be able to read this file.
-auth_krb5_keytab = /etc/dovecot/imap.keytab
+auth_krb5_keytab = /etc/dovecot/olinda.keytab
 
 # Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
 # ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>