From b7b4105e51e0e73a0e01015ad443d5f80580b707 Mon Sep 17 00:00:00 2001 From: Marc Burns Date: Fri, 16 Mar 2012 15:15:59 -0400 Subject: [PATCH 1/3] This modification causes ceod to add the Kerberos principal. It returns an error code to ceoc, which I will now fix. --- src/kadm.c | 36 ++++++++++++++++++++++++++++-------- 1 file changed, 28 insertions(+), 8 deletions(-) diff --git a/src/kadm.c b/src/kadm.c index 44af913..74b46ac 100644 --- a/src/kadm.c +++ b/src/kadm.c @@ -36,22 +36,42 @@ void ceo_kadm_cleanup() { int ceo_add_princ(char *user, char *password) { krb5_error_code retval; - krb5_principal princ; - memset((void *) &princ, 0, sizeof(princ)); debug("kadmin: adding principal %s", user); - if ((retval = krb5_parse_name(context, user, &princ))) { - com_err(prog, retval, "while parsing principal name"); + // Added March 2012: Change behavior of ceod to add the kerberos principal. + kadm5_policy_ent_rec defpol; + kadm5_principal_ent_rec princ; + + memset((void*) &princ, 0, sizeof(princ)); + + if ((retval = kadm5_get_policy(handle, "default", &defpol))) { + com_err(prog, retval, "while retrieving default policy"); + return retval; + } + kadm5_free_policy_ent(handle, &defpol); + + princ.policy = "default"; + + if ((retval = krb5_parse_name(context, user, &princ.principal))) { + com_err(prog, retval, "while parsing user name"); return retval; } - if ((retval = kadm5_chpass_principal(handle, princ, password))) { - com_err(prog, retval, "while creating principal"); - return retval; + long flags = KADM5_POLICY | KADM5_PRINCIPAL; + if ((retval = kadm5_create_principal(handle, &princ, flags, password))) { + if(retval == KADM5_DUP) { + if ((retval = kadm5_chpass_principal(handle, princ.principal, password))) { + com_err(prog, retval, "while setting principal password"); + return retval; + } + } else { + com_err(prog, retval, "while creating principal"); + return retval; + } } - krb5_free_principal(context, princ); + krb5_free_principal(context, princ.principal); return 0; } From 094efa9d93d54a444fa2f0b5dd7715266c57e4d7 Mon Sep 17 00:00:00 2001 From: Marc Burns Date: Fri, 16 Mar 2012 15:30:09 -0400 Subject: [PATCH 2/3] Commit modified changelog. --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index 2c9a851..2996b38 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +ceo (0.5.16+nmu1) stable; urgency=low + + * Non-maintainer upload. + * Change behavior of ceod to add Kerberos principal, + * as opposed to changing principal password. + + -- Marc Burns Fri, 16 Mar 2012 15:27:35 -0400 + ceo (0.5.16) stable; urgency=low * Fix CEO for CMC by allow mailman to be disabled. From 494ec5106a6e9f82bd140d40c986ec4b569c3f62 Mon Sep 17 00:00:00 2001 From: Marc Burns Date: Fri, 16 Mar 2012 15:36:52 -0400 Subject: [PATCH 3/3] Change ceo version. --- debian/changelog | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/debian/changelog b/debian/changelog index 2996b38..19e1156 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,5 @@ -ceo (0.5.16+nmu1) stable; urgency=low +ceo (0.5.17) stable; urgency=low - * Non-maintainer upload. * Change behavior of ceod to add Kerberos principal, * as opposed to changing principal password.