[1188] in Kerberos
Re: Database Frobbing (was Re: What are a principal's attributes used for?)
daemon@ATHENA.MIT.EDU (Jon A. Rochlis)
Wed Dec 19 00:36:35 1990
From: jon@MIT.EDU (Jon A. Rochlis)
To: martin@iastate.edu (Calsyn Martin Robert)
Cc: kerberos@MIT.EDU
In-Reply-To: Your message of 17 Dec 90 14:32:20 +0000.
Date: Wed, 19 Dec 90 00:00:34 EST
Deleting principals is a particular nuisance. Jon, is there
a particular reason why kdb_edit, or some such program, doesn't support
a delete operation. The underlying database systems (dbm, ndbm) are
certainly capable of it.
Simple conservatism. If it's difficult to delete principals then it's
not likely to happen unless you really want it to.
Am I breaking a design constraint if I add such a function?
Not as long as you're will to come in at 3:00am and pick up the pieces
when a bug in Moira deletes half of your Kerberos database. We'd
rather delete people from Moira, remove their mailing list pointer,
etc, (all of which can be undone easily) and then at our lesiure
delete principals from the Kerberos databse by doing a dump/awk/join
cycle. It's up to you to weigh the tradeoffs for yourself. Our call
won't make everyone happy.
-- Jon
