Skip Menu |
 

Download (untitled) / with headers
text/plain 2.6KiB
From rsw@Glue.umd.edu Thu Oct 10 01:30:38 1996
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id BAA25942 for <bugs@RT-11.MIT.EDU>; Thu, 10 Oct 1996 01:30:37 -0400
Received: from po2.glue.umd.edu by MIT.EDU with SMTP
id AA26286; Thu, 10 Oct 96 01:30:36 EDT
Received: from atlantis.csc.umd.edu (rsw@atlantis.csc.umd.edu [129.2.8.129]) by po2.glue.umd.edu (8.8.0/8.7.3) with SMTP id BAA23173 for <krb5-bugs@mit.edu>; Thu, 10 Oct 1996 01:30:35 -0400 (EDT)
Message-Id: <Pine.SOL.3.95.961010012343.437D-100000@atlantis.csc.umd.edu>
Date: Thu, 10 Oct 1996 01:30:27 -0400 (EDT)
From: "Randall S. Winchester" <rsw@Glue.umd.edu>
Sender: rsw@atlantis.csc.umd.edu
To: krb5-bugs@MIT.EDU
Subject: default_principal_flags: how to use - Krb5 beta6

Show quoted text
>Number: 90
>Category: krb5-doc
>Synopsis: default_principal_flags: how to use - Krb5 beta6
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Oct e 01:31:01 EDT 1996
>Last-Modified: Thu Sep 13 21:35:28 EDT 2001
>Originator: "Randall S. Winchester" <rsw@Glue.umd.edu>
>Organization:
>Release: beta6
>Environment:
>Description:
greping through the source I found the following.

static const char flags_pdate_in[] = "postdateable";
static const char flags_fwd_in[] = "forwardable";
static const char flags_renew_in[] = "renewable";
static const char flags_proxy_in[] = "proxiable";
static const char flags_pdate_out[] = "Not Postdateable";
static const char flags_fwd_out[] = "Not Forwardable";
static const char flags_renew_out[] = "Not renewable";
static const char flags_proxy_out[] = "Not proxiable";
static const char flags_default_neg[] = "-";
static const char flags_default_sep[] = " ";

Much latter I found the krb5strings manpage, but it does not get installed.

From the kdc.conf man page I am assuming one can add something like the
following to the [realms] area:

default_principal_flags = -forwardable -proxiable "Not renewable"

or some such. However I do not seem to be able to get anything to pay
attention to this. In particular I would like to be able to turn off
forwarding, but "kinit -f", "rlogin -f" and a subsequent "klist -f"
all show forwardable or forwarded tickets.


What am I missing?

Thanks,
Randall




Show quoted text
>How-To-Repeat:
>Fix:
>Audit-Trail:

Responsible-Changed-From-To: gnats-admin->krb5-unassigned
Responsible-Changed-By: tytso
Responsible-Changed-When: Mon Nov 4 15:01:35 1996
Responsible-Changed-Why: This is a documentation bug....

Show quoted text
>Unformatted:
To: rt@krbdev.mit.edu
Subject: [krbdev.mit.edu #90] fixed for Kerberos 1.3
Date: Thu, 30 Jan 2003 15:12:12 -0500 (EST)
From: hartmans@mit.edu (Sam Hartman)
RT-Send-Cc:


Many years ago, you complained about the documentation for the
default_principal_flags configuration variable in kdc.conf. This has
been properly documented for Kerberos 1.3.