Skip Menu |

Download (untitled) / with headers
text/plain 2.5KiB
From Wed Aug 25 16:50:37 1999
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU []) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id QAA22075 for <bugs@RT-11.MIT.EDU>; Wed, 25 Aug 1999 16:50:32 -0400
Received: from by MIT.EDU with SMTP
id AA10441; Wed, 25 Aug 99 16:50:28 EDT
Received: (from dgc@localhost)
by (8.9.3/8.9.3) id PAA04183;
Wed, 25 Aug 1999 15:50:27 -0500 (CDT)
Message-Id: <>
Date: Wed, 25 Aug 1999 15:50:26 -0500
From: David Champion <>
Reply-To: David Champion <>
To: krb5-bugs@MIT.EDU
Subject: kadmin enhancement req
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 742
>Category: krb5-admin
>Synopsis: kadmin does not exist with nonzero status
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Wed Aug 25 16:51:00 EDT 1999
>Originator: David Champion
University of Chicago
Show quoted text
>Release: krb5-1.0.6
System: SunOS smack 5.7 Generic_106541-04 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4 => /usr/lib/ => /usr/lib/ => /usr/lib/ => /usr/lib/ => /usr/lib/ => /usr/lib/

Show quoted text
kadmin does not exit with nonzero status upon failure of operations
given with the -q option (or interactively, but that's not a big
problem.) Specifically, our account management system needs to be able
to send ank, modprinc, and cpw queries create, enable/disable, and
passwd principals. kadmin should exit with nonzero status when these
operations fail because of policy violations, bad passwords, or
nonexistent principals.

Show quoted text
root# /opt/sbin/kadmin -p my_princ/actmgr@REALM -w "my unfortunately exposed password" -q "ank -policy default +requires_preauth -pw bad_password new_princ@REALM"
root# echo $?
root# /opt/sbin/kadmin -p my_princ/actmgr@REALM -w "my unfortunately exposed password" -q "modprinc -expire now -allow_tix nonexistent_princ@REALM"
root# echo $?
root# /opt/sbin/kadmin -p my_princ/actmgr@REALM -w "my unfortunately exposed password" -q "cpw -pw bad_password smack@UCHICAGO.EDU"
root# echo $?

Show quoted text
Should be fairly evident....

System Administrator, etc etc.
The University of Chicago, Inc.
Show quoted text