Principal DB Size

[Ken Raeburn]

On Jun 14, 2004, at 18:11, Brian Sathianathan wrote:
> I am doing some testing with adding a  few million user entries in the 
> KDC principal database , I did use kadmin.local to input data into the 
> database . The problem I have now is , when the principal DB reaches 
> the size of 4294967296 bytes it gets corrupted , The questions are

Uh oh.  Exceeding 4G on a 32-bit system may not be handled well in the 
current DB code, from the sounds of it.  (For that matter, even if it's 
a 64-bit system, there may be enough 32-bit types used that it can't do 
bigger files.)  I'm disappointed that the code didn't detect the error, 
but I can't claim to be terribly surprised.

Even if we don't fix the code to support large files, we should 
probably try to make it detect the problem and try to restore the old 
database state.  I'm not sure how tough that will be.

> 1. How do you recover such a corrupted database (I tried kdb5_util 
> did'nt help)

We don't currently have any program to grovel over the database and 
pull out the non-corrupted entries.  Without knowing specifics of the 
corruption itself, that's probably the best that could be done -- pull 
out what data is still available, try to put it back into a new 
database, and try not to trip the same bug again (i.e., don't add 
anything new).  But it'd require going over the low-level details of 
the database format and figuring out what to look for in the raw 
database file.

> 2. Is there any limit on the no of users you can add or the size of 
> the principal DB

Apparently. :-(

Ken