This directory contains additional data files needed to run some tests. By default, all the tests are done using a SQLite database. To test against another database, create a file named test.database. The first line of the file should contain the database driver name (mysql, for example, for DBD::mysql). The second line should contain the DBI connect string, normally of the form: database=;host=;port= replacing , , and with the parameters for your database. The third line should be the username to use, and the fourth and last line should be the password. If this file is present, all tests will be run against this database instead of a local SQLite database. In order to run the keytab tests, you will need to grant the test processes access to create, download, and remove principals in a test KDC. This should not be pointed at a production KDC! Then, create the following files: test.keytab Keytab for an authorized user test.principal Principal of the authorized user test.realm Kerberos realm in which to do testing test.krbtype Type of Kerberos server (Heimdal or MIT) This realm will also need to be configured in your local krb5.conf, including the admin_server for the realm. The test process will create the principals wallet/one and wallet/two and on success will clean up after itself. If the test fails, they may be left behind in the KDC. It will also attempt to create wallet-test/one and expects that attempt to be rejected by the KDC. For MIT Kerberos, to grant appropriate permissions, add the line: admci wallet/*@ to the kadm5.acl file for your master KDC for the test realm and restart kadmind. is the principal that you are using to test with, and is the Kerberos realm. Again, I do not recommend using a production realm; the test doesn't need a production realm and it's more secure to stick to a test realm. In order to test the AFS kaserver synchronization, you will need to grant the test processes access to a principal with ADMIN rights in a test AFS kaserver. This should not be pointed at a production cell! Create the following files: test.admin Fully-qualified principal of ADMIN user test.srvtab Kerberos v4 srvtab for the ADMIN user The ADMIN user will be parsed to determine the default realm for principals created in the kaserver. You cannot use cross-realm authentication for this test. This AFS kaserver Kerberos v4 realm will also need to be configured in your local krb.conf (but not krb.realms). The test process will create the principals wallet.one and wallet.two and on success will clean up after itself. If the test fails, they may be left behind in the AFS kaserver.