krb5 commit: Add the kprop-port option to kadmind
Greg Hudson
ghudson at mit.edu
Mon Jul 18 13:29:06 EDT 2016
https://github.com/krb5/krb5/commit/7ed18b1e5a11a514461be2281ff884e8173299b1
commit 7ed18b1e5a11a514461be2281ff884e8173299b1
Author: Matt Rogers <mrogers at redhat.com>
Date: Fri Jul 15 10:17:45 2016 -0400
Add the kprop-port option to kadmind
The -k option for kadmind sets the port number that kprop is spawned
with during an iprop full resync. Fall back to checking the
KPROP_PORT environment variable if the option is not set.
ticket: 8456 (new)
doc/admin/admin_commands/kadmind.rst | 6 ++++++
src/kadmin/server/ipropd_svc.c | 6 +++---
src/kadmin/server/ovsec_kadmd.c | 11 ++++++++++-
3 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/doc/admin/admin_commands/kadmind.rst b/doc/admin/admin_commands/kadmind.rst
index acf25e3..f5b7733 100644
--- a/doc/admin/admin_commands/kadmind.rst
+++ b/doc/admin/admin_commands/kadmind.rst
@@ -16,6 +16,7 @@ SYNOPSIS
[**-P** *pid_file*]
[**-p** *kdb5_util_path*]
[**-K** *kprop_path*]
+[**-k** *kprop_port*]
[**-F** *dump_file*]
DESCRIPTION
@@ -101,6 +102,11 @@ OPTIONS
specifies the path to the kprop command to use to send full dumps
to slaves in response to full resync requests.
+**-k** *kprop_port*
+ specifies the port by which the kprop process that is spawned by kadmind
+ connects to the slave kpropd, in order to transfer the dump file during
+ an iprop full resync request.
+
**-F** *dump_file*
specifies the file path to be used for dumping the KDB in response
to full resync requests when iprop is enabled.
diff --git a/src/kadmin/server/ipropd_svc.c b/src/kadmin/server/ipropd_svc.c
index 62a0a2b..76d3fda 100644
--- a/src/kadmin/server/ipropd_svc.c
+++ b/src/kadmin/server/ipropd_svc.c
@@ -36,6 +36,7 @@ extern short l_port;
extern char *kdb5_util;
extern char *kprop;
extern char *dump_file;
+extern char *kprop_port;
static char *reply_ok_str = "UPDATE_OK";
static char *reply_err_str = "UPDATE_ERROR";
@@ -392,10 +393,9 @@ ipropx_resync(uint32_t vers, struct svc_req *rqstp)
DPRINT("%s: exec `kprop -r %s -f %s %s' ...\n",
whoami, handle->params.realm, dump_file, clhost);
- /* XXX Yuck! */
- if (getenv("KPROP_PORT")) {
+ if (kprop_port != NULL) {
pret = execl(kprop, "kprop", "-r", handle->params.realm, "-f",
- dump_file, "-P", getenv("KPROP_PORT"), clhost, NULL);
+ dump_file, "-P", kprop_port, clhost, NULL);
} else {
pret = execl(kprop, "kprop", "-r", handle->params.realm, "-f",
dump_file, clhost, NULL);
diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c
index 89bf4e6..bf780dc 100644
--- a/src/kadmin/server/ovsec_kadmd.c
+++ b/src/kadmin/server/ovsec_kadmd.c
@@ -72,6 +72,7 @@ int nofork = 0;
char *kdb5_util = KPROPD_DEFAULT_KDB5_UTIL;
char *kprop = KPROPD_DEFAULT_KPROP;
char *dump_file = KPROP_DEFAULT_FILE;
+char *kprop_port = NULL;
static krb5_context context;
static char *progname;
@@ -86,7 +87,7 @@ usage()
fprintf(stderr, _("Usage: kadmind [-x db_args]* [-r realm] [-m] [-nofork] "
"[-port port-number]\n"
"\t\t[-proponly] [-p path-to-kdb5_util] [-F dump-file]\n"
- "\t\t[-K path-to-kprop] [-P pid_file]\n"
+ "\t\t[-K path-to-kprop] [-k kprop-port] [-P pid_file]\n"
"\nwhere,\n\t[-x db_args]* - any number of database "
"specific arguments.\n"
"\t\t\tLook at each database documentation for "
@@ -433,6 +434,11 @@ main(int argc, char *argv[])
if (!argc)
usage();
kprop = *argv;
+ } else if (strcmp(*argv, "-k") == 0) {
+ argc--, argv++;
+ if (!argc)
+ usage();
+ kprop_port = *argv;
} else {
break;
}
@@ -529,6 +535,9 @@ main(int argc, char *argv[])
}
}
+ if (kprop_port == NULL)
+ kprop_port = getenv("KPROP_PORT");
+
krb5_klog_syslog(LOG_INFO, _("starting"));
if (nofork)
fprintf(stderr, _("%s: starting...\n"), progname);
More information about the cvs-krb5
mailing list