Draft specification for kadmind plugin API
Russ Allbery
rra at stanford.edu
Fri Apr 20 23:37:40 EDT 2007
John Hascall <john at iastate.edu> writes:
> For our needs, the same calling sequence for passowrd-check
> would work for creation:
> krb5_error_code (*created)(void *, const char *password,
> const char *principal,
> char *errstr, int errstrlen);
> but I can understand how others might need more info about
> the principal (policy? flags?) And along the same lines:
> krb5_error_code (*deleted)(void *, const char *principal,
> char *errstr, int errstrlen);
> krb5_error_code (*renamed)(void *, const char *old_principal,
> const char *new_principal,
> char *errstr, int errstrlen);
Should these be precommit or postcommit, or both?
> I do think that check/created might be better with the password
> and principal arguments swapping places though.
Yeah, that's a good idea. I'll make that change.
> I seem to recall rename being something which has come and gone a
> couple of times. I don't actually know it's status in the current
> release.
Could someone who knows fill us in on whether this would be appropriate to
have in the API?
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the krbdev
mailing list