[3324] in Kerberos
v5 acl files unveiled (for those still wondering :)
daemon@ATHENA.MIT.EDU (Jason Gabler)
Tue May 24 05:35:11 1994
To: kerberos@MIT.EDU
Date: Tue, 24 May 1994 08:42:43 GMT
From: ccjason@quadrophenia.ucdavis.edu (Jason Gabler)
Since there seems to be no info out there on the v5 ACL files, after bouts
of frustration, I muddle thru the kadmin/d code, saerched backwards and
found the followign info.
default acl file: /krb5/admin_acl_file
(found in kr5-beta3/include/osconf.h)
acl file format: principal/instance@realm permissions
for example: ccjason/admin@cc.ucdavis.edu acimd
(found mostly in kr5-beta3/kadmin/server/adm_check.c)
Where "acimd" are the permisisons for Adding, Change-Password,
Inquiry, Modify, Delete, or a '*' for all privilages.
I hope I didnt bore the gurus, but I;ve seen a few requests about this
lingering about.
--
Vale,
jason
.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.
`Jason Gabler jygabler@ucdavis.edu `
'campus office: 916-752-9215 home office: 916-753-7553 '
'Distributed Computing Analysis & Support Kerberos/Security '
`Information Technology, UCDavis X Windows Programming & Support`
'Davis, California, 95616 USA DCN/Wheel.dcn Sys Admin '
`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`
` "Cousin! Congratulations! Your ship has finally hit the fan!" - Balky `
`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`
