wallet 0.7 released
Russ Allbery
rra at stanford.edu
Fri Feb 8 16:22:49 EST 2008
I'm pleased to announce release 0.7 of wallet. This software is
beta-quality and should be treated with caution. It is currently being
tested for production deployment at Stanford.
WARNING: The new client is not compatible with the old server, and the old
client will not be able to autocreate objects using the new server due to
a change in the client/server API.
The wallet is a system for managing secure data, authorization rules to
retrieve or change that data, and audit rules for documenting actions
taken on that data. Objects of various types may be stored in the wallet
or generated on request and retrieved by authorized users. The wallet
tracks ACLs, metadata, and trace information. It is built on top of the
remctl protocol and uses Kerberos GSS-API authentication. One of the
object types it supports is Kerberos keytabs, making it suitable as a
user-accessible front-end to Kerberos kadmind with richer ACL and metadata
operations.
Changes from previous release:
Add new exists and autocreate wallet server interfaces. The first
states whether a given object exists and the second attempts to create
the object using the default owner rules. Remove default owner
handling from the create interface, which is now for administrators
only. Remove server-side auto-creation of objects on get or store and
instead have the client check for object existence and call autocreate
if necessary. This removes confusion between default ACLs and
administrative object creation for users who are also on the ADMIN
ACL.
When creating a srvtab based on a just-downloaded keytab, extract the
srvtab key before merging the keytab into an existing file.
Otherwise, if the new keys had a lower kvno than the old keys
(possible after deleting and recreating the object), the wrong key
would be extracted for the srvtab.
keytab-backend now passes kadmin.local ktadd its options in a specific
order to satisfy the picky option parser.
Check naming policy on wallet object creation before checking the
default ACLs to avoid creating and stranding an ACL when the naming
policy check fails.
The current version of Net::Remctl can't handle explicit undef or the
empty string as a principal argument. Be careful not to provide a
principal argument if no principal was set. This workaround can be
removed once we depend on a later version of Net::Remctl.
Correctly enable syslog logging in wallet-backend.
Fix the example remctl configuration for keytab-backend to use the
correct script name.
You can download it from:
<http://www.eyrie.org/~eagle/software/wallet/>
Please let me know of any problems or feature requests not already listed
in the TODO file.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list