Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
X-RT-Original-Encoding: iso-8859-1
Content-Length: 2700

From rsw@Glue.umd.edu  Thu Oct 10 01:30:38 1996
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id BAA25942 for <bugs@RT-11.MIT.EDU>; Thu, 10 Oct 1996 01:30:37 -0400
Received: from po2.glue.umd.edu by MIT.EDU with SMTP
	id AA26286; Thu, 10 Oct 96 01:30:36 EDT
Received: from atlantis.csc.umd.edu (rsw@atlantis.csc.umd.edu [129.2.8.129]) by po2.glue.umd.edu (8.8.0/8.7.3) with SMTP id BAA23173 for <krb5-bugs@mit.edu>; Thu, 10 Oct 1996 01:30:35 -0400 (EDT)
Message-Id: <Pine.SOL.3.95.961010012343.437D-100000@atlantis.csc.umd.edu>
Date: Thu, 10 Oct 1996 01:30:27 -0400 (EDT)
From: "Randall S. Winchester" <rsw@Glue.umd.edu>
Sender: rsw@atlantis.csc.umd.edu
To: krb5-bugs@MIT.EDU
Subject: default_principal_flags: how to use - Krb5 beta6

>Number:         90
>Category:       krb5-doc
>Synopsis:       default_principal_flags: how to use - Krb5 beta6
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    krb5-unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Thu Oct e 01:31:01 EDT 1996
>Last-Modified:  Thu Sep 13 21:35:28 EDT 2001
>Originator:     "Randall S. Winchester" <rsw@Glue.umd.edu>
>Organization:
>Release:        beta6
>Environment:
>Description:
greping through the source I found the following.

static const char flags_pdate_in[]      = "postdateable";
static const char flags_fwd_in[]        = "forwardable";
static const char flags_renew_in[]      = "renewable";
static const char flags_proxy_in[]      = "proxiable";
static const char flags_pdate_out[]     = "Not Postdateable";
static const char flags_fwd_out[]       = "Not Forwardable";
static const char flags_renew_out[]     = "Not renewable";
static const char flags_proxy_out[]     = "Not proxiable";
static const char flags_default_neg[]   = "-";
static const char flags_default_sep[]   = " ";

Much latter I found the krb5strings manpage, but it does not get installed.

From the kdc.conf man page I am assuming one can add something like the
following to the [realms] area:

default_principal_flags = -forwardable -proxiable "Not renewable"

or some such. However I do not seem to be able to get anything to pay
attention to this. In particular I would like to be able to turn off
forwarding, but "kinit -f", "rlogin -f" and a subsequent "klist -f"
all show forwardable or forwarded tickets.


What am I missing? 

Thanks,
Randall




>How-To-Repeat:
>Fix:
>Audit-Trail:

Responsible-Changed-From-To: gnats-admin->krb5-unassigned
Responsible-Changed-By: tytso
Responsible-Changed-When: Mon Nov  4 15:01:35 1996
Responsible-Changed-Why: This is a documentation bug.... 

>Unformatted: