rpms/krb5
5
0
Fork 0
Code Issues Pull Requests Releases Activity

- update to 1.4.1, incorporating fixes for CAN-2005-0468 and CAN-2005-0469

Browse Source 
- when starting the KDC or kadmind, if KRB5REALM is set via the
    /etc/sysconfig file for the service, pass it as an argument for the -r
    flag
This commit is contained in:
Nalin Dahyabhai 2005-05-06 20:16:06 +00:00
parent 9142032a6f
commit 2e8f6b3b97
8 changed files with 24 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.cvsignore
View File

@ -5,3 +5,5 @@ krb5-1.3.6.tar.gz
krb5-1.3.6.tar.gz.asc
krb5-1.4.tar.gz
krb5-1.4.tar.gz.asc
krb5-1.4.1.tar.gz
krb5-1.4.1.tar.gz.asc

1
kadmin.sysconfig
View File

@ -1 +1,2 @@
KADMIND_ARGS=
KRB5REALM=

4
kadmind.init
View File

@ -37,12 +37,12 @@ start() {
else
if [ ! -f /var/kerberos/krb5kdc/kadm5.keytab ] ; then
echo -n $"Extracting kadm5 Service Keys: "
/usr/kerberos/sbin/kadmin.local -q "ktadd -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/admin kadmin/changepw" && success || failure
/usr/kerberos/sbin/kadmin.local ${KRB5REALM:+-r $KRB5REALM} -q "ktadd -k /var/kerberos/krb5kdc/kadm5.keytab kadmin/admin${KRB5REALM:+@$KRB5REALM} kadmin/changepw${KRB5REALM:+@$KRB5REALM}" && success || failure
echo
fi
fi
echo -n $"Starting $prog: "
daemon ${kadmind} $KADMIND_ARGS
daemon ${kadmind} ${KRB5REALM:+-r ${KRB5REALM}} $KADMIND_ARGS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/kadmin

6
krb5-1.3-rlogind-environ.patch
View File

@ -36,16 +36,16 @@ KRB5CCNAME, which we set ourselves.
fatalperror(f, "failed make_sane_hostname");
if (passwd_req)
- execl(login_program, "login", "-p", "-h", rhost_sane,
- lusername, 0);
- lusername, (char *)NULL);
+ execle(login_program, "login", "-p", "-h", rhost_sane,
+ lusername, NULL, bare_environ);
else
- execl(login_program, "login", "-p", "-h", rhost_sane,
- "-f", lusername, 0);
- "-f", lusername, (char *)NULL);
+ execle(login_program, "login", "-p", "-h", rhost_sane,
+ "-f", lusername, NULL, bare_environ);
#else /* USE_LOGIN_F */
- execl(login_program, "login", "-r", rhost_sane, 0);
- execl(login_program, "login", "-r", rhost_sane, (char *)NULL);
+ execle(login_program, "login", "-r", rhost_sane, NULL, bare_environ);
#endif /* USE_LOGIN_F */
syslog(LOG_ERR, "failed exec of %s: %s",

24
krb5.spec
View File

@ -6,10 +6,10 @@
Summary: The Kerberos network authentication system.
Name: krb5
Version: 1.4
Release: 3
Version: 1.4.1
Release: 1
# Maybe we should explode from the now-available-to-everybody tarball instead?
# http://web.mit.edu/kerberos/dist/krb5/1.4/krb5-1.4-signed.tar
# http://web.mit.edu/kerberos/dist/krb5/1.4/krb5-1.4.1-signed.tar
Source0: krb5-%{version}.tar.gz
Source1: krb5-%{version}.tar.gz.asc
Source2: kpropd.init
@ -60,7 +60,6 @@ Patch28: krb5-1.3.5-gethostbyname_r.patch
Patch29: krb5-1.3.5-kprop-mktemp.patch
Patch30: krb5-1.3.4-send-pr-tempfile.patch
Patch32: krb5-1.4-ncurses.patch
Patch33: krb5-MITKRB5SA-2005-001.patch
License: MIT, freely distributable.
URL: http://web.mit.edu/kerberos/www/
Group: System Environment/Libraries
@ -125,7 +124,11 @@ network uses Kerberos, this package should be installed on every
workstation.
%changelog
# - XXX krb5_init_ets is gone now, what to do?
* Fri May 6 2005 Nalin Dahyabhai <nalin@redhat.com> 1.4.1-1
- update to 1.4.1, incorporating fixes for CAN-2005-0468 and CAN-2005-0469
- when starting the KDC or kadmind, if KRB5REALM is set via the /etc/sysconfig
file for the service, pass it as an argument for the -r flag
* Wed Mar 23 2005 Nalin Dahyabhai <nalin@redhat.com> 1.4-3
- drop krshd patch for now
@ -815,9 +818,6 @@ workstation.
%patch29 -p1 -b .kprop-mktemp
%patch30 -p1 -b .send-pr-tempfile
%patch32 -p1 -b .ncurses
pushd src/appl/telnet/telnet
%patch33 -p0 -b .MITKRB5SA-2005-001
popd
cp src/krb524/README README.krb524
find . -type f -name "*.info-dir" -exec rm -fv "{}" ";"
gzip doc/*.ps
@ -980,7 +980,7 @@ fi
%config(noreplace) /etc/xinetd.d/*
%doc doc/krb5-user*.html doc/user*.ps.gz src/config-files/services.append
%doc doc/krb5-user/*.html doc/user*.ps.gz src/config-files/services.append
%doc doc/{ftp,kdestroy,kinit,klist,kpasswd,ksu,rcp,rlogin,rsh,telnet}.html
%attr(0755,root,root) %doc src/config-files/convert-config-files
%{_infodir}/krb5-user.info*
@ -1059,9 +1059,9 @@ fi
%config(noreplace) /etc/sysconfig/kadmin
%config(noreplace) /etc/sysconfig/krb524
%doc doc/admin*.ps.gz doc/krb5-admin*.html
%doc doc/krb425*.ps.gz doc/krb425*.html
%doc doc/install*.ps.gz doc/krb5-install*.html
%doc doc/admin*.ps.gz doc/krb5-admin/*.html
%doc doc/krb425*.ps.gz doc/krb425/*.html
%doc doc/install*.ps.gz doc/krb5-install/*.html
%doc README.krb524
%{_infodir}/krb5-admin.info*

2
krb5kdc.init
View File

@ -32,7 +32,7 @@ start() {
exit 0
fi
echo -n $"Starting $prog: "
daemon ${krb5kdc} $KRB5KDC_ARGS
daemon ${krb5kdc} ${KRB5REALM:+-r ${KRB5REALM}} $KRB5KDC_ARGS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/krb5kdc

1
krb5kdc.sysconfig
View File

@ -1 +1,2 @@
KRB5KDC_ARGS=
KRB5REALM=

4
sources
View File

@ -1,2 +1,2 @@
64f54aaf2f791bc2d689e3ce07874116 krb5-1.4.tar.gz
c46d18bf4c643692ee2bdac13b52ff95 krb5-1.4.tar.gz.asc
872bb55e6877d43ac8dd05f46eed62a5 krb5-1.4.1.tar.gz
d9778c6956ed2981fd1fcced5f9fec05 krb5-1.4.1.tar.gz.asc