[1463] in Kerberos_V5_Development
Re: Beta 7 release not happening today
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Thu Aug 1 15:55:08 1996
Date: Thu, 1 Aug 1996 15:54:47 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: tytso@MIT.EDU
Cc: krbcore@MIT.EDU
In-Reply-To: <9607262014.AA11307@dcl.MIT.EDU> (tytso@MIT.EDU)
* kdb5_util has a lousy user interface; some commands use the
-d on the command line. Other commands require that
ignore the -d on the command line, and use the -d on the
ss subcommand line.
You're right, it is pretty confusing. The sub-commands that take -d
are load_db and load_v4_db. My thinking was that you rarely wanted to
load a database on top of another one that already exists (in fact the
code will fail when you try this, which may also be a bug).
Generally, you want to run "load file foo into database bar." But
this does contradict the overall paradigm of specifying the one
database name for the program's invocation on the command line. Hmmm,
I'll have to think about it more.
* The dejagnu test suite needs to be updated to use kdb5_util.
* The dejagnu test suite should actually try testing the
kadmin/kadmind --- at least in some superficial manner.
OV's test suite for kadm5 is pretty extensive. The testing scripts
depend on inhereting a number of environment variables from the make
system, however, so vendor makes generally won't suffice.
* kdb5_util, when importing a V4 database, needs to create all
of the magic kadmin principals.
In fact, it needs to create the magic kadm5 principals when it imports
anything older than a beta 7 database. Done.
It's not clear to me
whether it should create the policy database, too.
It should, as does loading any other pre-beta 7 database. Done.
* kadmind needs to print english messages when there's missing
items in the kdc.conf file. Most system administrators
aren't mind readers, and won't know that "(2000)" means
that they need to add a acl_file line to the kdc.conf.
It took me a second to figure this one out...
2000 is the hex value of the bit mask of the configuration variables
that are missing; KADM5_CONFIG_ACL_FILE is 0x2000. Since the required
relations in kdc.conf are clearly defined in kadmind.8, I don't think
it is necessary for kadmind to unparse this integer into a string;
therefore, I just removed the part of the message that contains the
hex value.
(Why isn't there a sensible default for this, anyway?)
The only "sensible" default acl I can think of for the admin server is
the empty acl, which allows everyone to retrieve their own principal
and policy record and change their own password. I suppose you could
argue this is "useful", but it doesn't allow any administrator to do
anything, which is after all the purpose of the kadm5 system. Thus, I
don't think it is "sensible." Some acl entries will be required, so a
default acl is not necessary.
* kadmin/kadmind should be run under purify, if this hasn't been
done already
I have run the server-side API unit tests under Purify, and run the
client-side API unit tests against a server which was under Purify. I
fixed all errors and *most* memory leaks; when I was done, the most
substantial memory leaks were in libkdb.a, and I sent bug reports
about them.
Barry
