[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug in kadmin

To: heimdal-discuss@sics.se, Love Hörnquist Åstrand <lha@kth.se>
Subject: Re: Bug in kadmin
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Sun, 30 Sep 2007 21:38:14 +0200
Cc: "Henry B. Hotz" <hotz@jpl.nasa.gov>, Andreas Haupt <andreas.haupt@desy.de>
In-Reply-To: <F9FDD63F-055F-49B9-ABDE-2F0BCF99942D@kth.se>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <1190902425.25715.49.camel@oreade38.ifh.de> <5F6CE969-EA2E-4855-82CD-091B1803E88C@jpl.nasa.gov> <F9FDD63F-055F-49B9-ABDE-2F0BCF99942D@kth.se>
Reply-To: heimdal-discuss@sics.se, Love Hörnquist Åstrand <lha@kth.se>

Hello,

There is a work-around (used in test-cases, the reason the error  
isn't caught by the regression tests.

kinit -S kadmin/admin@REALM foo/admin@REALM
kadmin -p foo/admin@REALM -r REALM

Love



30 sep 2007 kl. 12.10 skrev Love Hörnquist Åstrand:

> I just found it last week with 1.0.1, so I guess I should push out  
> a 1.0.2 soon when I fixed this bug since it very very irritating.
>
> Love
>
> 27 sep 2007 kl. 18.46 skrev Henry B. Hotz:
>
>> This sounds like a bug I reported.  I thought it was fixed in  
>> 1.0.1.  It's purely client-side (and I was seeing it using kadmin  
>> with a 0.7.2 kadmind).
>>
>> On Sep 27, 2007, at 7:13 AM, Andreas Haupt wrote:
>>
>>> Hi,
>>>
>>> I'm a bit confused about how remote kadmin determines the user to
>>> authenticate for admin operations. From the kadmin manpage:
>>>
>>> -p string, --principal=string
>>>              principal to authenticate as
>>>
>>> That's the reality with Heimdal 1.0.1:
>>>
>>> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin  
>>> list
>>> ahaupt
>>> root/admin@IFH.DE's Password:
>>> kadmin: get ahaupt: Incorrect password
>>>
>>> Why does it ask for root/admin's password. I explicitly told it  
>>> to use
>>> another admin principal. I don't want to use the "workaround":
>>>
>>> [brutus-vm10] ~ # kinit foo
>>> Password for foo@IFH.DE:
>>> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin  
>>> list
>>> ahaupt
>>> bla/admin@IFH.DE's Password:
>>> ahaupt
>>> [brutus-vm10] ~ # kdestroy
>>> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin  
>>> list
>>> ahaupt
>>> root/admin@IFH.DE's Password:
>>>
>>> Stupid, isn't it?
>>>
>>> Cheers,
>>> Andreas
>>>
>>> -- 
>>> | Andreas Haupt             | E-Mail: andreas.haupt@desy.de
>>> |  DESY Zeuthen             | WWW:    http://www-zeuthen.desy.de/ 
>>> ~ahaupt
>>> |  Platanenallee 6          | Phone:  +49/33762/7-7359
>>> |  D-15738 Zeuthen          | Fax:    +49/33762/7-7216
>>>
>>
>

References:
- Bug in kadmin
  - From: Andreas Haupt <andreas.haupt@desy.de>
- Re: Bug in kadmin
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
- Re: Bug in kadmin
  - From: Love Hörnquist Åstrand <lha@kth.se>

Prev by Date: Re: PKCROSS Implementation?
Prev by thread: Re: Bug in kadmin
Next by thread: PKCROSS Implementation?
Index(es):
- Date
- Thread