[krbdev.mit.edu #8247] [Comment] KADM5_MISSING_KRB5_CONF_PARAMS should say which ones
Greg Hudson via RT
rt-comment at kerborg-prod-app-1.mit.edu
Sun Mar 13 01:55:54 EST 2022
http://kerborg-prod-app-1.mit.edu/rt/Ticket/Display.html?id=8247
This is a comment. It is not sent to the Requestor(s):
This error code is worse than inspecific; it's almost always wrong. The
required parameters are default_realm, master_key_type,
default_principal_flags, max_life, max_rlife, default_principal_expiration,
and supported_enctypes. But all of those parameters have defaults expect for
default_realm, and a missing default_realm causes kadm5_get_config_params() to
exit early with a different error code. The remaining parameters can only
show up as unset if they *are* set but fail to parse. (Or in some cases, not
at all; if max_life or max_rlife don't parse, the default value is silently
used instead.)
We do yield this error code if iprop_enabled is set and iprop_logfile or
iprop_port is unset; in those cases the error code is merely inspecific.
More information about the krb5-bugs
mailing list