[30299] in CVS-changelog-for-Kerberos-V5

krb5 commit: Use "replica" in iprop settings

daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Oct 3 12:34:24 2018

Date: Wed, 3 Oct 2018 12:28:45 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201810031628.w93GSjBT023841@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

commit 07d9f95e433cf59674faedf1121fe810ab3683c7
Author: Greg Hudson <ghudson@mit.edu>
Date:   Thu Sep 27 12:14:25 2018 -0400

    Use "replica" in iprop settings
    Change the default dump filename for iprop to "replica_datatrans", and
    the iprop poll interval profile variable to "iprop_replica_poll",
    preserving compatibility with the old name.
    ticket: 8742 (new)

 doc/admin/admin_commands/kprop.rst  |    2 +-
 doc/admin/admin_commands/kpropd.rst |    2 +-
 doc/admin/conf_files/kdc_conf.rst   |    9 +++++++--
 doc/admin/database.rst              |    4 ++--
 doc/admin/install_kdc.rst           |    8 ++++----
 doc/mitK5defaults.rst               |   12 ++++++------
 src/include/k5-int.h                |    1 +
 src/include/osconf.hin              |    2 +-
 src/kprop/replica_update            |    2 +-
 src/lib/kadm5/alt_prof.c            |    6 +++++-
 src/tests/t_iprop.py                |    8 ++++----
 11 files changed, 33 insertions(+), 23 deletions(-)

diff --git a/doc/admin/admin_commands/kprop.rst b/doc/admin/admin_commands/kprop.rst
index 6365d85..3fad2c6 100644
--- a/doc/admin/admin_commands/kprop.rst
+++ b/doc/admin/admin_commands/kprop.rst
@@ -33,7 +33,7 @@ OPTIONS
 **-f** *file*
     Specifies the filename where the dumped principal database file is
     to be found; by default the dumped database file is normally
-    |kdcdir|\ ``/slave_datatrans``.
+    |kdcdir|\ ``/replica_datatrans``.
 **-P** *port*
     Specifies the port to use to contact the :ref:`kpropd(8)` server
diff --git a/doc/admin/admin_commands/kpropd.rst b/doc/admin/admin_commands/kpropd.rst
index 37162c9..d3e4fb1 100644
--- a/doc/admin/admin_commands/kpropd.rst
+++ b/doc/admin/admin_commands/kpropd.rst
@@ -53,7 +53,7 @@ compatibility but does nothing.
 Incremental propagation may be enabled with the **iprop_enable**
 variable in :ref:`kdc.conf(5)`.  If incremental propagation is
 enabled, the replica periodically polls the master KDC for updates, at
-an interval determined by the **iprop_slave_poll** variable.  If the
+an interval determined by the **iprop_replica_poll** variable.  If the
 replica receives updates, kpropd updates its log file with any updates
 from the master.  :ref:`kproplog(8)` can be used to view a summary of
 the update entry log on the replica KDC.  If incremental propagation
diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst
index ee17099..c73791c 100644
--- a/doc/admin/conf_files/kdc_conf.rst
+++ b/doc/admin/conf_files/kdc_conf.rst
@@ -227,10 +227,15 @@ The following tags may be specified in a [realms] subsection:
     retained for incremental propagation.  The default value is 1000.
     Prior to release 1.11, the maximum value was 2500.
     (Delta time string.)  Specifies how often the replica KDC polls
     for new updates from the master.  The default value is ``2m``
-    (that is, two minutes).
+    (that is, two minutes).  New in release 1.17.
+    (Delta time string.)  The name for **iprop_replica_poll** prior to
+    release 1.17.  Its value is used as a fallback if
+    **iprop_replica_poll** is not specified.
     (Whitespace- or comma-separated list.)  Specifies the iprop RPC
diff --git a/doc/admin/database.rst b/doc/admin/database.rst
index 960f304..3007cfe 100644
--- a/doc/admin/database.rst
+++ b/doc/admin/database.rst
@@ -817,7 +817,7 @@ data in the KDC config file (See :ref:`kdc.conf(5)`):
 ====================== =============== ===========================================
 iprop_enable           *boolean*       If *true*, then incremental propagation is enabled, and (as noted below) normal kprop propagation is disabled. The default is *false*.
 iprop_master_ulogsize  *integer*       Indicates the number of entries that should be retained in the update log. The default is 1000; the maximum number is 2500.
-iprop_slave_poll       *time interval* Indicates how often the replica should poll the master KDC for changes to the database. The default is two minutes.
+iprop_replica_poll     *time interval* Indicates how often the replica should poll the master KDC for changes to the database. The default is two minutes.
 iprop_port             *integer*       Specifies the port number to be used for incremental propagation. This is required in both master and replica configuration files.
 iprop_resync_timeout   *integer*       Specifies the number of seconds to wait for a full propagation to complete. This is optional on replica configurations.  Defaults to 300 seconds (5 minutes).
 iprop_logfile          *file name*     Specifies where the update log file for the realm database is to be stored. The default is to use the *database_name* entry from the realms section of the config file :ref:`kdc.conf(5)`, with *.ulog* appended. (NOTE: If database_name isn't specified in the realms section, perhaps because the LDAP database back end is being used, or the file name is specified in the *dbmodules* section, then the hard-coded default for *database_name* is used. Determination of the *iprop_logfile*  default value will not use values from the *dbmodules* section.)
@@ -892,4 +892,4 @@ The Sun implementation hard-codes pathnames in ``/var/krb5`` for the
 update log and the per-replica kprop dump files.  In the MIT
 implementation, the pathname for the update log is specified in the
 config file, and the per-replica dump files are stored in
-|kdcdir|\ ``/slave_datatrans_hostname``.
+|kdcdir|\ ``/replica_datatrans_hostname``.
diff --git a/doc/admin/install_kdc.rst b/doc/admin/install_kdc.rst
index c7eec1e..5d1e70e 100644
--- a/doc/admin/install_kdc.rst
+++ b/doc/admin/install_kdc.rst
@@ -425,12 +425,12 @@ Propagate the database to each replica KDC
 First, create a dump file of the database on the master KDC, as
-    shell% kdb5_util dump /usr/local/var/krb5kdc/slave_datatrans
+    shell% kdb5_util dump /usr/local/var/krb5kdc/replica_datatrans
 Then, manually propagate the database to each replica KDC, as in the
 following example::
-    shell% kprop -f /usr/local/var/krb5kdc/slave_datatrans kerberos-1.mit.edu
+    shell% kprop -f /usr/local/var/krb5kdc/replica_datatrans kerberos-1.mit.edu
     Database propagation to kerberos-1.mit.edu: SUCCEEDED
@@ -448,11 +448,11 @@ following is an example of a Bourne shell script that will do this.
     kdclist = "kerberos-1.mit.edu kerberos-2.mit.edu"
-    kdb5_util dump /usr/local/var/krb5kdc/slave_datatrans
+    kdb5_util dump /usr/local/var/krb5kdc/replica_datatrans
     for kdc in $kdclist
-        kprop -f /usr/local/var/krb5kdc/slave_datatrans $kdc
+        kprop -f /usr/local/var/krb5kdc/replica_datatrans $kdc
 You will need to set up a cron job to run this script at the intervals
diff --git a/doc/mitK5defaults.rst b/doc/mitK5defaults.rst
index 308fbbd..65d904e 100644
--- a/doc/mitK5defaults.rst
+++ b/doc/mitK5defaults.rst
@@ -35,16 +35,16 @@ Replica KDC propagation defaults
 This table shows defaults used by the :ref:`kprop(8)` and
 :ref:`kpropd(8)` programs.
-==========================  ==============================  ===========
-Description                 Default                         Environment
-==========================  ==============================  ===========
-kprop database dump file    |kdcdir|\ ``/slave_datatrans``
+==========================  ================================  ===========
+Description                 Default                           Environment
+==========================  ================================  ===========
+kprop database dump file    |kdcdir|\ ``/replica_datatrans``
 kpropd temporary dump file  |kdcdir|\ ``/from_master``
 kdb5_util location          |sbindir|\ ``/kdb5_util``
 kprop location              |sbindir|\ ``/kprop``
 kpropd ACL file             |kdcdir|\ ``/kpropd.acl``
-kprop port                  754                             KPROP_PORT
-==========================  ==============================  ===========
+kprop port                  754                               KPROP_PORT
+==========================  ================================  ===========
 .. _paths:
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index bf32458..6522422 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -226,6 +226,7 @@ typedef unsigned char   u_char;
 #define KRB5_CONF_IPROP_MASTER_ULOGSIZE        "iprop_master_ulogsize"
 #define KRB5_CONF_IPROP_PORT                   "iprop_port"
 #define KRB5_CONF_IPROP_RESYNC_TIMEOUT         "iprop_resync_timeout"
+#define KRB5_CONF_IPROP_REPLICA_POLL           "iprop_replica_poll"
 #define KRB5_CONF_IPROP_SLAVE_POLL             "iprop_slave_poll"
 #define KRB5_CONF_K5LOGIN_AUTHORITATIVE        "k5login_authoritative"
 #define KRB5_CONF_K5LOGIN_DIRECTORY            "k5login_directory"
diff --git a/src/include/osconf.hin b/src/include/osconf.hin
index 391f48d..c24717b 100644
--- a/src/include/osconf.hin
+++ b/src/include/osconf.hin
@@ -125,7 +125,7 @@
  * krb5 replica support follows
-#define KPROP_DEFAULT_FILE KDC_DIR "/slave_datatrans"
+#define KPROP_DEFAULT_FILE KDC_DIR "/replica_datatrans"
 #define KPROPD_DEFAULT_FILE KDC_DIR "/from_master"
 #define KPROPD_DEFAULT_KDB5_UTIL "@SBINDIR/kdb5_util"
diff --git a/src/kprop/replica_update b/src/kprop/replica_update
index 69e7bd4..a8b4944 100644
--- a/src/kprop/replica_update
+++ b/src/kprop/replica_update
@@ -7,7 +7,7 @@
diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index e2d8f77..3f6b536 100644
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -804,7 +804,11 @@ krb5_error_code kadm5_get_config_params(krb5_context context,
-                     KRB5_CONF_IPROP_SLAVE_POLL, 2 * 60); /* 2m */
+                     KRB5_CONF_IPROP_REPLICA_POLL, -1);
+    if (params.iprop_poll_time == -1) {
+        GET_DELTAT_PARAM(iprop_poll_time, KADM5_CONFIG_POLL_TIME,
+                         KRB5_CONF_IPROP_SLAVE_POLL, 2 * 60);
+    }
     *params_out = params;
diff --git a/src/tests/t_iprop.py b/src/tests/t_iprop.py
index 92e22b9..46cb075 100755
--- a/src/tests/t_iprop.py
+++ b/src/tests/t_iprop.py
@@ -114,27 +114,27 @@ def check_ulog(num, first, last, entries, env=None):
 # DB and ulog file.
 conf = {'realms': {'$realm': {'iprop_enable': 'true',
                               'iprop_logfile': '$testdir/db.ulog'}}}
-conf_rep1 = {'realms': {'$realm': {'iprop_slave_poll': '600',
+conf_rep1 = {'realms': {'$realm': {'iprop_replica_poll': '600',
                                    'iprop_logfile': '$testdir/ulog.replica1'}},
              'dbmodules': {'db': {'database_name': '$testdir/db.replica1'}}}
 conf_rep1m = {'realms': {'$realm': {'iprop_logfile': '$testdir/ulog.replica1',
                                     'iprop_port': '$port8'}},
               'dbmodules': {'db': {'database_name': '$testdir/db.replica1'}}}
-conf_rep2 = {'realms': {'$realm': {'iprop_slave_poll': '600',
+conf_rep2 = {'realms': {'$realm': {'iprop_replica_poll': '600',
                                    'iprop_logfile': '$testdir/ulog.replica2',
                                    'iprop_port': '$port8'}},
              'dbmodules': {'db': {'database_name': '$testdir/db.replica2'}}}
 conf_foo = {'libdefaults': {'default_realm': 'FOO'},
             'domain_realm': {hostname: 'FOO'}}
-conf_rep3 = {'realms': {'$realm': {'iprop_slave_poll': '600',
+conf_rep3 = {'realms': {'$realm': {'iprop_replica_poll': '600',
                                    'iprop_logfile': '$testdir/ulog.replica3',
                                    'iprop_port': '$port8'},
                         'FOO': {'iprop_logfile': '$testdir/ulog.replica3'}},
             'dbmodules': {'db': {'database_name': '$testdir/db.replica3'}}}
 krb5_conf_rep4 = {'domain_realm': {hostname: 'FOO'}}
-conf_rep4 = {'realms': {'$realm': {'iprop_slave_poll': '600',
+conf_rep4 = {'realms': {'$realm': {'iprop_replica_poll': '600',
                                    'iprop_logfile': '$testdir/ulog.replica4',
                                    'iprop_port': '$port8'}},
              'dbmodules': {'db': {'database_name': '$testdir/db.replica4'}}}
cvs-krb5 mailing list

