[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug in kadmin



This sounds like a bug I reported.  I thought it was fixed in 1.0.1.   
It's purely client-side (and I was seeing it using kadmin with a  
0.7.2 kadmind).

On Sep 27, 2007, at 7:13 AM, Andreas Haupt wrote:

> Hi,
>
> I'm a bit confused about how remote kadmin determines the user to
> authenticate for admin operations. From the kadmin manpage:
>
> -p string, --principal=string
>              principal to authenticate as
>
> That's the reality with Heimdal 1.0.1:
>
> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin list
> ahaupt
> root/admin@IFH.DE's Password:
> kadmin: get ahaupt: Incorrect password
>
> Why does it ask for root/admin's password. I explicitly told it to use
> another admin principal. I don't want to use the "workaround":
>
> [brutus-vm10] ~ # kinit foo
> Password for foo@IFH.DE:
> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin list
> ahaupt
> bla/admin@IFH.DE's Password:
> ahaupt
> [brutus-vm10] ~ # kdestroy
> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin list
> ahaupt
> root/admin@IFH.DE's Password:
>
> Stupid, isn't it?
>
> Cheers,
> Andreas
>
> -- 
> | Andreas Haupt             | E-Mail: andreas.haupt@desy.de
> |  DESY Zeuthen             | WWW:    http://www-zeuthen.desy.de/ 
> ~ahaupt
> |  Platanenallee 6          | Phone:  +49/33762/7-7359
> |  D-15738 Zeuthen          | Fax:    +49/33762/7-7216
>