From cd0958ec43ae34202e6540a6df175c8bb6431d78 Mon Sep 17 00:00:00 2001 From: Paul Park Date: Thu, 1 Jun 1995 18:56:03 +0000 Subject: [PATCH] Change default acl file name to a #define git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5932 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/v5server/ChangeLog | 13 +++++++++++++ src/kadmin/v5server/Makefile.in | 3 ++- src/kadmin/v5server/kadmind5.M | 21 ++++++++++++--------- src/kadmin/v5server/srv_acl.c | 5 ++++- 4 files changed, 31 insertions(+), 11 deletions(-) diff --git a/src/kadmin/v5server/ChangeLog b/src/kadmin/v5server/ChangeLog index ac32f6481..c1779510d 100644 --- a/src/kadmin/v5server/ChangeLog +++ b/src/kadmin/v5server/ChangeLog @@ -1,3 +1,16 @@ + +Thu Jun 1 14:34:41 EDT 1995 Paul Park (pjpark@mit.edu) + * srv_acl.c: Change default acl file name to be a #define. If it + is not defined, then default to /krb5/krb5_adm.acl. + * srv_key.c: Add logic to retrieve or create the database entry for + the password changing service. Subsequently, squirrel away + the key so that we do not need a srvtab. + * proto_serv.c: If no srvtab is specified, then use the squirreled + admin key so that we can live without a srvtab. + * kadm5_defs.h: Add prototype for admin key routine. + * Makefile.in: Set the default acl file to be $(KRB5ROOT)/krb5_adm.acl. + * kadmind5.M: Add description of missing flags. Removed file names. + Sun May 28 15:58:15 1995 Ezra Peisach * srv_main.c (main): Use exit instead of return from diff --git a/src/kadmin/v5server/Makefile.in b/src/kadmin/v5server/Makefile.in index d9501f545..62eb93523 100644 --- a/src/kadmin/v5server/Makefile.in +++ b/src/kadmin/v5server/Makefile.in @@ -1,4 +1,5 @@ -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) +CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) \ + -DKRB5_DEFAULT_ACL_FILE='"'$(KRB5ROOT)$(S)krb5_adm.acl'"' LDFLAGS = -g COMERRLIB=$(BUILDTOP)/util/et/libcom_err.a diff --git a/src/kadmin/v5server/kadmind5.M b/src/kadmin/v5server/kadmind5.M index 0bcea0da7..d494ec436 100644 --- a/src/kadmin/v5server/kadmind5.M +++ b/src/kadmin/v5server/kadmind5.M @@ -43,6 +43,12 @@ enctype .B \-k mkeytype ] [ +.B \-p +port +] [ +.B \-r +realm +] [ .B \-t timeout ] [ @@ -83,7 +89,7 @@ Indicates that the master key name is to be entered manually. specifies the encryption type which is to be used. .IP \-T .B keytab -specifies the name of the service key table. +specifies the name of the service key table. .PP .B ACL flag .IP \-a @@ -92,12 +98,16 @@ specifies the location of the ACL file. This file controls remote principals' abilities to perform administrative functions. See the ACL FILE section below for the format of this file. .PP -.B Connection flag +.B Connection flags .IP \-t Indicates that the server is to terminate a connection if it remains inactive for .B timeout seconds. +.IP \-p +Indicates that the administrative server is to listen on port +.B port +instead of the default port. .PP .B Debugging flags .IP \-D @@ -191,13 +201,6 @@ The catchall entry. The applies to all principals and indicates that they may change their own passwords. This entry is the default entry. -.SH FILES -.TP 2i -/krb5/principal.* -the default location of the database. -.TP 2i -/etc/krb5_adm.acl -the default location of the ACL file. .SH SEE ALSO kpasswd(1), kadmin5(8) .SH BUGS diff --git a/src/kadmin/v5server/srv_acl.c b/src/kadmin/v5server/srv_acl.c index 583543459..f6d90cf78 100644 --- a/src/kadmin/v5server/srv_acl.c +++ b/src/kadmin/v5server/srv_acl.c @@ -63,7 +63,10 @@ static const aop_t acl_op_table[] = { static aent_t *acl_list_head = (aent_t *) NULL; static aent_t *acl_list_tail = (aent_t *) NULL; -static const char *acl_default_file = "/etc/krb5_adm.acl"; +#ifndef KRB5_DEFAULT_ACL_FILE +#define KRB5_DEFAULT_ACL_FILE "/krb5/krb5_adm.acl"; +#endif /* KRB5_DEFAULT_ACL_FILE */ +static const char *acl_default_file = KRB5_DEFAULT_ACL_FILE; static const char *acl_acl_file = (char *) NULL; static int acl_inited = 0; static int acl_debug_level = 0; -- 2.26.2