[krbdev.mit.edu #4354] db2 policy database loading broken
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Wed Sep 27 21:10:24 EDT 2006
I thought I'd done a better job of fixing this up after the DAL merge,
but apparently not....
The "kdb5_util load" process, using the db2 back end, creates a new
database (if the main db is "/foo/bar", it creates "/foo/bar~") to
load new entries into, and then renames it to replace the original
database.
The db implementation actually uses multiple files, "bar" for the
principal data, "bar.kadm5" for the policy data, and lock files and
such. So for the temporary database, it's "bar~.kadm5" etc.
Unfortunately, it appears that policy data being loaded gets written
to "bar.kadm5" instead of "bar~.kadm5", so it gets thrown away when we
do the rename, and we're left with an empty policy database.
This should be fixed for 1.6.
Ken
More information about the krb5-bugs
mailing list