[krbdev.mit.edu #2594] "rlogin" and "rsh" don't read the section "appdefault" in krb5.conf
The RT System itself via RT
rt-comment at krbdev.mit.edu
Wed Jun 9 18:21:51 EDT 2004
>From krb5-bugs-incoming-bounces at mit.edu Wed Jun 9 18:21:39 2004
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
id SAA12991; Wed, 9 Jun 2004 18:21:38 -0400 (EDT)
Received: from pch.mit.edu (localhost [127.0.0.1])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i59MLcl1007492
for <krb5-send-pr at krbdev.mit.edu>; Wed, 9 Jun 2004 18:21:38 -0400 (EDT)
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU
[18.7.7.76])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i59DWhl1021594
for <krb5-bugs-incoming at PCH.mit.edu>;
Wed, 9 Jun 2004 09:32:43 -0400 (EDT)
Received: from cirse.extra.cea.fr (cirse.extra.cea.fr [132.166.172.102])
i59DWfKn003321
for <krb5-bugs at mit.edu>; Wed, 9 Jun 2004 09:32:42 -0400 (EDT)
Received: from cincidele.saclay.cea.fr (cincidele.saclay.cea.fr
[132.166.192.111])i59DWfTA021399
for <krb5-bugs at mit.edu>; Wed, 9 Jun 2004 15:32:41 +0200 (MEST)
Received: from muguet.saclay.cea.fr (unverified) by cincidele.saclay.cea.fr
<T6a1672e27984a6c06f84c at cincidele.saclay.cea.fr> for
<krb5-bugs at mit.edu>; Wed, 9 Jun 2004 15:32:41 +0200
Received: from styx.bruyeres.cea.fr (styx-e76.bruyeres.cea.fr [132.165.76.3])
i59DWee5015291; Wed, 9 Jun 2004 15:32:40 +0200 (MEST)
Received: by styx.bruyeres.cea.fr; id PAA22004;
Wed, 9 Jun 2004 15:32:40 +0200 (MET DST)
Message-Id: <200406091332.PAA22004 at styx.bruyeres.cea.fr>
Date: Wed, 9 Jun 2004 15:31:52 +0200 (MEST)
To: krb5-bugs at mit.edu
From: alexandre.schmitt at cea.fr
X-send-pr-version: 3.99
X-Mailman-Approved-At: Wed, 09 Jun 2004 18:21:34 -0400
cc: alexandre.schmitt at cea.fr
Subject: Problem with the section "appdefault"
X-BeenThere: krb5-bugs-incoming at mit.edu
X-Mailman-Version: 2.1
Precedence: list
Reply-To: alexandre.schmitt at cea.fr
Sender: krb5-bugs-incoming-bounces at mit.edu
Errors-To: krb5-bugs-incoming-bounces at mit.edu
>Submitter-Id: net
>Originator: Alexandre Schmitt
>Organization:
CEA
>Confidential: no
>Synopsis: "rlogin" and "rsh" don't read the section "appdefault" in krb5.conf
>Severity: non-critical
>Priority: medium
>Category: krb5-appl
>Class: change-request
>Release: krb5-1.3.3
>Environment:
System: SunOS surf 5.8 Generic_114018-01 sun4u sparc SUNW,Sun-Blade-100
Architecture: sun4
>Description:
We would like to forward a forwardable ticket with the commands "rsh" and "rlogin" without using the option -F. The documentation
explains that we must use the section "appdefault" in krb5.conf:
[appdefault]
klogin = {
forwardable = true
}
kshell = {
forwardable = true
}
But this solution doesn't work...
>How-To-Repeat:
In the file "krb5.conf", we have the section:
[appdefault]
klogin = {
forwardable = true
}
kshell = {
forwardable = true
}
bash-2.05$rsh surf klist
klist: No credentials cache file found while setting cache flags
bash-2.05$
>Fix:
We must modify 2 files:
- src/appl/bsd/krlogin.c
- src/appl/bsd/krsh.c
diff krlogin.c krlogin.c.ori
392D391
< int forwardable_appdefault;
558,560d556
< krb5_appdefault_boolean(bsd_context, "klogin", NULL, "forwardable", 0, &forwardable_appdefault);
< if (forwardable_appdefault)
< Fflag++;
diff krsh.c krsh.c.ori
159d158
< int forwardable_appdefault;
363,366d361
< krb5_appdefault_boolean(bsd_context, "kshell", NULL, "Forwardable", 0, &forwardable_appdefault);
< if (forwardable_appdefault)
< Fflag++;
<
More information about the krb5-bugs
mailing list