Skip Menu |

Download (untitled) / with headers
text/plain 2.6KiB
From Thu Oct 10 01:30:38 1996
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU []) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id BAA25942 for <bugs@RT-11.MIT.EDU>; Thu, 10 Oct 1996 01:30:37 -0400
Received: from by MIT.EDU with SMTP
id AA26286; Thu, 10 Oct 96 01:30:36 EDT
Received: from ( []) by (8.8.0/8.7.3) with SMTP id BAA23173 for <>; Thu, 10 Oct 1996 01:30:35 -0400 (EDT)
Message-Id: <>
Date: Thu, 10 Oct 1996 01:30:27 -0400 (EDT)
From: "Randall S. Winchester" <>
To: krb5-bugs@MIT.EDU
Subject: default_principal_flags: how to use - Krb5 beta6

Show quoted text
>Number: 90
>Category: krb5-doc
>Synopsis: default_principal_flags: how to use - Krb5 beta6
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Oct e 01:31:01 EDT 1996
>Last-Modified: Thu Sep 13 21:35:28 EDT 2001
>Originator: "Randall S. Winchester" <>
>Release: beta6
greping through the source I found the following.

static const char flags_pdate_in[] = "postdateable";
static const char flags_fwd_in[] = "forwardable";
static const char flags_renew_in[] = "renewable";
static const char flags_proxy_in[] = "proxiable";
static const char flags_pdate_out[] = "Not Postdateable";
static const char flags_fwd_out[] = "Not Forwardable";
static const char flags_renew_out[] = "Not renewable";
static const char flags_proxy_out[] = "Not proxiable";
static const char flags_default_neg[] = "-";
static const char flags_default_sep[] = " ";

Much latter I found the krb5strings manpage, but it does not get installed.

From the kdc.conf man page I am assuming one can add something like the
following to the [realms] area:

default_principal_flags = -forwardable -proxiable "Not renewable"

or some such. However I do not seem to be able to get anything to pay
attention to this. In particular I would like to be able to turn off
forwarding, but "kinit -f", "rlogin -f" and a subsequent "klist -f"
all show forwardable or forwarded tickets.

What am I missing?


Show quoted text

Responsible-Changed-From-To: gnats-admin->krb5-unassigned
Responsible-Changed-By: tytso
Responsible-Changed-When: Mon Nov 4 15:01:35 1996
Responsible-Changed-Why: This is a documentation bug....

Show quoted text
Subject: [ #90] fixed for Kerberos 1.3
Date: Thu, 30 Jan 2003 15:12:12 -0500 (EST)
From: (Sam Hartman)

Many years ago, you complained about the documentation for the
default_principal_flags configuration variable in kdc.conf. This has
been properly documented for Kerberos 1.3.