[2145] in Kerberos-V5-bugs
Problem with kadmin5
daemon@ATHENA.MIT.EDU (Nader Salehi)
Mon Aug 12 21:08:13 1996
Date: Mon, 12 Aug 1996 18:08:03 -0700
From: salehi@ISI.EDU (Nader Salehi)
To: krb5-bugs@MIT.EDU
Hi,
I am installing the beta 6 release of Kerberos here at ISI. I have
found a problem which might be interesting. I included my account
(salehi/admin@TEST.ISI.EDU) into krb5_adm.acl and gave all the rights
to modify the database. I then ran kadmin5 and tried to run "ldb".
At this point the system asked for my password everytime it wanted to
display an entry. For all other commands, which only show one entry,
I just have to enter my password once.
I looked at the source code using a debugger. It seems that the
credential cache "ccname2use" is always empty. Therefore, anytime
kadmin5 wants to get an entry, if has to ask for my password to
authenticate me. I then ran kadmin5 with the following option:
"kadmin5 -c /var/tmp/creds"
This time the program does not ask for my password anymore, but there
exist two problem; 1) It is painfully slow, and 2) the credentials are
not cached out which makes the system a little insecure.
I would appreciate it if you could provide me with some hints in this
regards and let me know wether there is due to something I did not
consider or a bug.
Best,
Nader Salehi
