From 9148d4222108b0c32c474cf6f9fd3728deb32836 Mon Sep 17 00:00:00 2001
From: Russ Allbery <rra@stanford.edu>
Date: Sun, 21 Feb 2010 18:25:08 -0800
Subject: Description and dependency fixes

* Clarify in long description that keytab-backend is only needed for MIT
  Kerberos.
* Move wallet-server's dependency on krb5-user to Recommends, since it's
  only needed for keytab support, and allow libheimdal-kadm5-perl as an
  alternative.
* Recommend remctl-server 2.14 or later for improved store support.
---
 debian/changelog |  6 ++++++
 debian/control   | 17 +++++++++--------
 2 files changed, 15 insertions(+), 8 deletions(-)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index 473677d..2d8e962 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -18,6 +18,12 @@ wallet (0.10-1) UNRELEASED; urgency=low
   * Update debhelper compatibility level to V7.
     - Use debhelper rule minimization with overrides.
     - Add ${misc:Depends} to dependencies.
+  * Clarify in long description that keytab-backend is only needed for MIT
+    Kerberos.
+  * Move wallet-server's dependency on krb5-user to Recommends, since it's
+    only needed for keytab support, and allow libheimdal-kadm5-perl as an
+    alternative.
+  * Recommend remctl-server 2.14 or later for improved store support.
 
  -- Russ Allbery <rra@debian.org>  Sun, 21 Feb 2010 17:49:43 -0800
 
diff --git a/debian/control b/debian/control
index 148dc02..4068a01 100644
--- a/debian/control
+++ b/debian/control
@@ -10,13 +10,13 @@ Package: keytab-backend
 Architecture: all
 Depends: ${misc:Depends}, ${perl:Depends}, krb5-admin-server, perl,
  remctl-server
-Description: Provide existing Kerberos keytabs via remctl
+Description: Provide existing MIT Kerberos keytabs via remctl
  keytab-backend is a service that runs under remctld and allows
- authenticated clients to download Kerberos keytabs without changing the
- key stored in the Kerberos KDC.  It must run on the same host as the
- Kerberos KDC and uses kadmin.local to extract the existing key.  It
- applies additional ACLs to limit which keys may be extracted in this
- way.
+ authenticated clients to download Kerberos keytabs from an MIT Kerberos
+ KDC without changing the key stored in the Kerberos KDC.  It must run on
+ the same host as the Kerberos KDC and uses kadmin.local to extract the
+ existing key.  It applies additional ACLs to limit which keys may be
+ extracted in this way.  This interface is not needed for Heimdal.
 
 Package: wallet-client
 Architecture: any
@@ -36,9 +36,10 @@ Description: Kerberos-authenticated secure data management client
 
 Package: wallet-server
 Architecture: all
-Depends: ${misc:Depends}, ${perl:Depends}, krb5-user, libdbi-perl,
+Depends: ${misc:Depends}, ${perl:Depends}, libdbi-perl,
  libdbd-sqlite3-perl | libdbd-mysql-perl, remctl-server
-Suggests: libauthen-krb5-perl, libnet-remctl-perl
+Recommends: krb5-user | libheimdal-kadm5-perl, remctl-server (>= 2.14)
+Suggests: libnet-remctl-perl
 Description: Kerberos-authenticated secure data management server
  The wallet is a system for managing secure data, authorization rules to
  retrieve or change that data, and audit rules for documenting actions
-- 
cgit v1.2.3