krb5 commit: Don't dump policies if principals are specified
Greg Hudson
ghudson at mit.edu
Sat Oct 20 01:00:07 EDT 2018
https://github.com/krb5/krb5/commit/911d592a85cb5d4e793c83cf702178d14ac21e6d
commit 911d592a85cb5d4e793c83cf702178d14ac21e6d
Author: Greg Hudson <ghudson at mit.edu>
Date: Mon Oct 15 18:32:31 2018 -0400
Don't dump policies if principals are specified
If kdb5_util dump is asked to filter for specific principals, do not
dump the policy database.
ticket: 8752 (new)
src/kadmin/dbutil/dump.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c
index c792afd..86e046c 100644
--- a/src/kadmin/dbutil/dump.c
+++ b/src/kadmin/dbutil/dump.c
@@ -1453,7 +1453,8 @@ dump_db(int argc, char **argv)
goto error;
}
- if (dump->dump_policy != NULL) {
+ /* Don't dump policies if specific principal entries were requested. */
+ if (dump->dump_policy != NULL && args.nnames == 0) {
ret = krb5_db_iter_policy(util_context, "*", dump->dump_policy, &args);
if (ret) {
com_err(progname, ret, _("performing %s dump"), dump->name);
More information about the cvs-krb5
mailing list