On Mon, Nov 19, 2001 at 06:13:44PM +0000, Simon Wilkinson wrote: > Nicolas Williams ([EMAIL PROTECTED]) wrote: > : A little work with SWIG should yield a Perl module to access the kadm5 > : library directly. There is such a thing already for Heimdal's kadm5 > : library, but the MIT/Heimdal APIs are different enough that that module > : won't work with MIT krb5. > > There have been some folk looking at this, that I've been corresponding > with. In particular, someone was looking at adding support to the existing > Authen::Krb5 perl module to add the kadmin structures. I'll see if I can > find out what progress has been made, as I'm likely to need this for local > use fairly soon!
We've got some preliminary SWIG stuff done -- needs work. > : In the meantime, it really sucks that there's nothing better than > : parsing the output of kadmin to see if an operation succeeded or not. > > I've not tried this - but does kadmin -q not return reasonable result > codes, and if not, could it be made to? Nope. It doesn't. Making it do so would require extensive changes to the MIT code as the problem is that the command-line interaction utility library (libss?) doesn't expect nor pass back any errors from the functions actually implementing commands. So ktutil and other interactive tools would need updating... Also, it's not very efficient to fork off a new kadmin for every request, and if -q were changed to mean "all remaining args are kadmin commands" then how could kadmin's exit value reflect the results of the individual commands? Nah, an interface to Perl, Tcl, etc.. is needed. > Cheers, > > Simon. Cheers, Nico -- -DISCLAIMER: an automatically appended disclaimer may follow. By posting- -to a public e-mail mailing list I hereby grant permission to distribute- -and copy this message.- Visit our website at http://www.ubswarburg.com This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments.
