config file verification tool
Mark Phalan
Mark.Phalan at sun.com
Fri Mar 5 06:25:44 EST 2010
On 02/24/10 02:44 PM, Zhanna Tsitkova wrote:
> Hello, A new kerberos configuration file validation tool is now
> checked-in under src/util/confvalidator/validator.py.
>
> First, the configuration file is parsed (confparser.py) and validated
> against formating errors (such as mismatching brackets) Then the list
> of the allowed configuration attributes is compiled from k5-int.h (
> based on KRB5_CONF_xxx macros in 1.8 ) and rules.yml ("Attributes:"
> section) Finally, the kerberos configuration file is validated
> against this list of the allowed strings. If the error, or something
> that validator does not understand, is found then the warning is
> issued in the tree-like form indicating the layer where the problem
> has occurred.
>
> Your comments/feedback will be very much appreciated.
Sounds great. It would be nice if some of this functionality could be
included in libkrb5 itself so that a more detailed error message could
be generated on a krb5.conf parse error.
Any plans to do that?
Thanks,
-M
More information about the krbdev
mailing list