[2870] in Kerberos-V5-bugs
krb5-admin/541: minor nit in kadmin.local bahvaiour
daemon@ATHENA.MIT.EDU (Chris P. Ross)
Thu Jan 29 16:42:24 1998
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: bjaspan@MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, cross@inverness.eng.pubnix.com
Date: Thu, 29 Jan 1998 16:41:30 -0500 (EST)
From: "Chris P. Ross" <cross@inverness.eng.pubnix.com>
Reply-To: cross@inverness.eng.pubnix.com
To: krb5-bugs@MIT.EDU
Cc: cross@inverness.eng.pubnix.com
>Number: 541
>Category: krb5-admin
>Synopsis: when kadmin.local is used, the "who modified" is "wrong"
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: bjaspan
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Jan 29 16:42:00 EST 1998
>Last-Modified:
>Originator: Chris P. Ross
>Organization:
UUNET Technologies, Inc.
>Release: krb5-1.0.4
>Environment:
BSD/OS 3.1; sparc and Intel
System: BSD/OS inverness.eng.pubnix.com 3.1 BSDI BSD/OS 3.1 Kernel #1: Fri Jan 9 15:55:21 EST 1998 lidl@aphelion.va.pubnix.com:/export/src/bsdi/sys.new/compile/GENERIC.sparc_v9 sparc_v9
>Description:
When kadmin.local is used to enter a new principal, it puts something
it constructs into the "who" part of the "Last modified" tag. In some cases,
this may not be a valid principal, tho it looks like it is.
>How-To-Repeat:
Take a user that doesn't exist in the db. Become root on the server
as that user, and create a user@REALM principal with kadmin.local. Then,
getprinc on that user. It will show a "user/admin@REALM" under "Last
modified:". But, user/admin@REALM doesn't actually exist...
>Fix:
Make it say something to indicate that no kerberos authentication was
done on the user who made/modified the principal being examined.
>Audit-Trail:
>Unformatted:
