[Bug 688464] Re: Wrong default path for kpropd.acl in kpropd man page
Launchpad Bug Tracker
688464 at bugs.launchpad.net
Tue May 31 13:25:12 UTC 2011
This bug was fixed in the package krb5 - 1.9+dfsg-1ubuntu1
---------------
krb5 (1.9+dfsg-1ubuntu1) oneiric; urgency=low
* Merge from debian unstable. Remaining changes:
- Build for multiarch, with pre-depends on multi-arch support virtual package.
- Add Breaks: on old versions fo external packages (i.e., ssd) using
/usr/lib/krb5 due to the path tranisition.
krb5 (1.9+dfsg-1) unstable; urgency=low
* New upstream version
* Pull in krb5 1.9 branch as of 03/16/2011
- Include updates in 1.8.3+dfsg-4, 1.8.3+dfsg-5, 1.8.3+dfsg-6
- Include fixes for trace logging
* Since Debian does not and will not ever build with edirectory
support, remove documentation of edirectory commands from the man
page. Closes: #580502
* Includes IPv6 support for kadmind, Closes: #595796
* Upstream 1.9 supports hooks for password change and synchronization,
Closes: #588968
* LDAP now supports stash creation after db cretaion, Closes: #484808
* Krb5 1.9 supports including files from krb5.conf, Closes: #429692
krb5 (1.9+dfsg~beta2-1) experimental; urgency=low
* New upstream release
* Fix default location of kpropd.acl in kpropd.M (LP: #688464)
* Ignore PACs without a server signature generated by OS X Open
Directory rather than failing authentication, Closes: #604925
* New exported API: krb5_tkt_creds_get
krb5 (1.9+dfsg~beta1-1) experimental; urgency=low
* New upstream release
* No longer use symbols files for libkadm5 ad libkdb5: these libraries
change very rapidly and tend to change soname each major release.
Symbols files will be introduced if they make sense again.
* Update symbols for libkrb5-3: note that several internal functions
have disappeared. These functions were not part of the public ABI
which remains stable
* Update library package names based on soname changes
krb5 (1.8.3+dfsg-6) unstable; urgency=low
* Fix double free with pkinit on KDC, CVE-2011-0284, Closes: #618517
* Updated Danish debconf translations, thanks Joe Dalton, Closes:
#584282
-- Chuck Short <zulcss at ubuntu.com> Mon, 02 May 2011 16:23:50 +0100
** Changed in: krb5 (Ubuntu)
Status: Triaged => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0284
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/688464
Title:
Wrong default path for kpropd.acl in kpropd man page
Status in “krb5” package in Ubuntu:
Fix Released
Bug description:
--Ubuntu Release: 8.04 Hardy
--Package Version:
krb5-kdc:
Installed: 1.6.dfsg.3~beta1-2ubuntu1.5
Candidate: 1.6.dfsg.3~beta1-2ubuntu1.5
Version table:
*** 1.6.dfsg.3~beta1-2ubuntu1.5 0
500 http://gb.archive.ubuntu.com hardy-updates/universe Packages
500 http://security.ubuntu.com hardy-security/universe Packages
100 /var/lib/dpkg/status
1.6.dfsg.3~beta1-2ubuntu1 0
500 http://gb.archive.ubuntu.com hardy/universe Packages
--What happened:
There is a discrepancy between the default location of kpropd.acl specified in the kpropd man page, and the actual default location that the program reads.
from the man page for kpropd:
FILES
kpropd.acl Access file for kpropd; the default location is KPROPD_ACL_FILE (normally
/usr/local/var/krb5kdc/kpropd.acl). Each entry is a line containing the
principal of a host from which the local machine will allow Kerberos database
propagation via kprop.
Strace shows that kpropd is actually looking for the file in /etc/krb5kdc/:
root at tribble:/etc/xinetd.d# strace -F kpropd -Sd 2>&1 |grep 'open.*acl'
open("/etc/krb5kdc/kpropd.acl", O_RDONLY) = -1 ENOENT (No such file or directory)
--What I expected to happen:
The man page and the program agree.
More information about the foundations-bugs
mailing list