ipa-rmkeytab returns success even when the realm passed to the program is not found in a keytab. This patch adds an explanatory error message and returns error code 5 - Principal or realm not found.
https://fedorahosted.org/freeipa/ticket/694
>From 8e37ba72a98d5b6ecbd68ef6ddae0b4c1d8bd889 Mon Sep 17 00:00:00 2001 From: Martin Kosek <mko...@redhat.com> Date: Mon, 2 May 2011 10:52:20 +0200 Subject: [PATCH] Bad return values for ipa-rmkeytab command ipa-rmkeytab returns success even when the realm passed to the program is not found in a keytab. This patch adds an explanatory error message and returns error code 5 - Principal or realm not found. https://fedorahosted.org/freeipa/ticket/694 --- ipa-client/ipa-rmkeytab.c | 7 +++++++ ipa-client/man/ipa-rmkeytab.1 | 2 +- 2 files changed, 8 insertions(+), 1 deletions(-) diff --git a/ipa-client/ipa-rmkeytab.c b/ipa-client/ipa-rmkeytab.c index 8afa9e1c4ea822554af436bf4644d717d922f56e..73a74070cf696f1e2b9fe3c8374446b68cc48441 100644 --- a/ipa-client/ipa-rmkeytab.c +++ b/ipa-client/ipa-rmkeytab.c @@ -108,6 +108,7 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu krb5_kt_cursor kt_cursor; char * entry_princ_s = NULL; int rval = 0; + char realm_found = FALSE; krberr = krb5_kt_start_seq_get(context, ktid, &kt_cursor); memset(&entry, 0, sizeof(entry)); @@ -128,6 +129,7 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu krb5_kt_end_seq_get(context, ktid, &kt_cursor); if (strstr(entry_princ_s, realm) != NULL) { + realm_found = TRUE; rval = remove_principal(context, ktid, entry_princ_s, debug); if (rval != 0) goto done; @@ -136,6 +138,11 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu } } + if (!realm_found) { + fprintf(stderr, _("realm not found\n")); + return 5; + } + done: return rval; diff --git a/ipa-client/man/ipa-rmkeytab.1 b/ipa-client/man/ipa-rmkeytab.1 index 71b324e060570eae5325503d07526d1effd53135..6926c7b06731de3694db9a7975533e5ded82b18f 100644 --- a/ipa-client/man/ipa-rmkeytab.1 +++ b/ipa-client/man/ipa-rmkeytab.1 @@ -84,6 +84,6 @@ The exit status is 0 on success, nonzero on error. 4 Unable to parse the principal name -5 Principal name not found in keytab +5 Principal name or realm not found in keytab 6 Unable to remove principal from keytab -- 1.7.4.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
