[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug in kadmin

To: heimdal-discuss@sics.se, "Henry B. Hotz" <hotz@jpl.nasa.gov>
Subject: Re: Bug in kadmin
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Sun, 30 Sep 2007 12:10:59 +0200
Cc: Andreas Haupt <andreas.haupt@desy.de>
In-Reply-To: <5F6CE969-EA2E-4855-82CD-091B1803E88C@jpl.nasa.gov>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <1190902425.25715.49.camel@oreade38.ifh.de> <5F6CE969-EA2E-4855-82CD-091B1803E88C@jpl.nasa.gov>
Reply-To: heimdal-discuss@sics.se, Love Hörnquist Åstrand <lha@kth.se>

I just found it last week with 1.0.1, so I guess I should push out a  
1.0.2 soon when I fixed this bug since it very very irritating.

Love


27 sep 2007 kl. 18.46 skrev Henry B. Hotz:

> This sounds like a bug I reported.  I thought it was fixed in  
> 1.0.1.  It's purely client-side (and I was seeing it using kadmin  
> with a 0.7.2 kadmind).
>
> On Sep 27, 2007, at 7:13 AM, Andreas Haupt wrote:
>
>> Hi,
>>
>> I'm a bit confused about how remote kadmin determines the user to
>> authenticate for admin operations. From the kadmin manpage:
>>
>> -p string, --principal=string
>>              principal to authenticate as
>>
>> That's the reality with Heimdal 1.0.1:
>>
>> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin list
>> ahaupt
>> root/admin@IFH.DE's Password:
>> kadmin: get ahaupt: Incorrect password
>>
>> Why does it ask for root/admin's password. I explicitly told it to  
>> use
>> another admin principal. I don't want to use the "workaround":
>>
>> [brutus-vm10] ~ # kinit foo
>> Password for foo@IFH.DE:
>> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin list
>> ahaupt
>> bla/admin@IFH.DE's Password:
>> ahaupt
>> [brutus-vm10] ~ # kdestroy
>> [brutus-vm10] ~ # /usr/heimdal/sbin/kadmin --principal=bla/admin list
>> ahaupt
>> root/admin@IFH.DE's Password:
>>
>> Stupid, isn't it?
>>
>> Cheers,
>> Andreas
>>
>> -- 
>> | Andreas Haupt             | E-Mail: andreas.haupt@desy.de
>> |  DESY Zeuthen             | WWW:    http://www-zeuthen.desy.de/ 
>> ~ahaupt
>> |  Platanenallee 6          | Phone:  +49/33762/7-7359
>> |  D-15738 Zeuthen          | Fax:    +49/33762/7-7216
>>
>

Follow-Ups:
- Re: Bug in kadmin
  - From: Love Hörnquist Åstrand <lha@kth.se>

References:
- Bug in kadmin
  - From: Andreas Haupt <andreas.haupt@desy.de>
- Re: Bug in kadmin
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>

Prev by Date: Re: PK-Init and proxy certs question
Next by Date: Re: PKCROSS Implementation?
Prev by thread: Re: Bug in kadmin
Next by thread: Re: Bug in kadmin
Index(es):
- Date
- Thread