From ee3bd730d472b36bf620b0001519c5aab2073f09 Mon Sep 17 00:00:00 2001
From: Kai Wohlfahrt <kjw53@cam.ac.uk>
Date: Mon, 6 Nov 2017 16:08:41 +0000
Subject: [PATCH] kerberos-server: move kadmind to systemd

Don't use socket activation, as inetd is discouraged by heimdal documentation.
---
 nixos/modules/services/system/kerberos.nix | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/nixos/modules/services/system/kerberos.nix b/nixos/modules/services/system/kerberos.nix
index e6cfd0a8289..5647281db98 100644
--- a/nixos/modules/services/system/kerberos.nix
+++ b/nixos/modules/services/system/kerberos.nix
@@ -34,16 +34,10 @@ in
   config = mkIf config.services.kerberos_server.enable {
 
     environment.systemPackages = [ heimdalFull ];
-
-    services.xinetd.enable = true;
-    services.xinetd.services = lib.singleton
-      { name = "kerberos-adm";
-        flags = "REUSE NAMEINARGS";
-        protocol = "tcp";
-        user = "root";
-        server = "${pkgs.tcp_wrappers}/bin/tcpd";
-        serverArgs = "${pkgs.heimdalFull}/libexec/heimdal/kadmind";
-      };
+    systemd.services.kadmind = {
+      description = "Kerberos Administration Daemon";
+      script = "${pkgs.heimdalFull}/libexec/heimdal/kadmind";
+    };
 
     systemd.services.kdc = {
       description = "Key Distribution Center daemon";