profile library gotchas

[Miro Jurisic]

I recently found two interesting behaviors in the profile library 
which should at least be documented for posterity, if not corrected:

1. iterating and deleting doesn't delete everything

A loop such as this:

while (profile_iterator_next (iter, &name, &value)) {
	profile_clear_relation (profile, name, value);
}

does not delete all items that the iterator would have returned. It 
leaves one item behind.

This can be worked around by running the loop twice -- the second 
time around the loop deletes the one remaining item

2. deleting multiple relations interferes with iterators

If you have a section which contains more than one value for a key 
and some of those values are the same, such as:

ATHENA = {
	kdc = x
	kdc = y
	kdc = x
	kdc = z
}

and you try to delete them all with the same loop as above, you will 
fail, because the first call to clear_relation will delete both 
instances of kdc=x, but the iterator will return the second instance 
later, so when you try to delete the second instance again, you get 
an error and the loop fails.

This can be worked around by ignoring a specific error when returned 
by profile_iterator_next in such loops (but I forget the exact error. 
NO_RELATION, probably).

This is a problem because the same behavior is exhibited when you 
have more than one krb5.conf in the profile path, and they contain 
some duplicate information. So, if your /etc/krb5.conf has kdc = x 
and kdc = y, and your ~/krb5.conf has kdc = x and kdc = z, then a 
loop that tried to delete them all fails on the second kdc = x.

meeroh
-- 

<http://web.meeroh.org/> | KB1FMP

If you have received this email in error, please add some nutmeg and 
egg whites, whisk and place in a warm oven for 40 minutes.