[16209] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[krbdev.mit.edu #8744] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Wed Dec 5 11:04:29 2018

Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: Greg Hudson via RT <rt-comment@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: <rt-8744@krbdev.mit.edu>
Message-ID: <rt-8744-49181.2.80451796559895@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #8744'":;
Date: Wed, 5 Dec 2018 11:02:33 -0500
MIME-Version: 1.0
Reply-To: rt-comment@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu


Document necessary delay in master key rolllover

During master key rollover, if the old master key is purged
immediately after updating principal encryption, running processes may
not successfully update their in-memory copies of the master key.
Document that the administrator should delay purging the master key
until after propagation and some daemon activity.

(cherry picked from commit 24425b730161c3d27d86a7ae0caa2305f70167f6)

https://github.com/krb5/krb5/commit/91f331c507f6d36906b8432485b9b639c31ebff2
Author: Greg Hudson <ghudson@mit.edu>
Commit: 91f331c507f6d36906b8432485b9b639c31ebff2
Branch: krb5-1.17
 doc/admin/database.rst |    4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16209] in Kerberos-V5-bugs

[krbdev.mit.edu #8744] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)Wed Dec 5 11:04:29 2018

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Wed Dec 5 11:04:29 2018