In the Heimdal backend, recognize the new form of the Heimdal kpasswd
prompt to repeat the new password.
+ Check the existence of the principal before enabling or disabling it
+ in the Heimdal backend so that nonexistent principals report a clearer
+ error message instead of an internal error about getAttributes
+ failure.
+
kadmin-remctl 3.4 (2013-07-09)
Set the disallow-svr flag on all newly-created principals. This
$principal = "$principal/$instance" if $instance;
my $kadmin = kadmin_handle ($instance);
+ my $data = eval { $kadmin->getPrincipal ($principal) };
+ if ($@) {
+ my $error = $@ || "unknown error\n";
+ warn "error: cannot retrieve $principal: $error\n";
+ exit 1;
+ } elsif (!defined $data) {
+ warn "error: principal $principal does not exist\n";
+ exit 1;
+ }
if (!eval { $kadmin->disablePrincipal ($principal) }) {
my $error = $@ || "unknown error\n";
warn "error: cannot disable $principal: $error";
}
}
my $kadmin = kadmin_handle ($instance);
+ my $data = eval { $kadmin->getPrincipal ($principal) };
+ if ($@) {
+ my $error = $@ || "unknown error\n";
+ warn "error: cannot retrieve $principal: $error\n";
+ exit 1;
+ } elsif (!defined $data) {
+ warn "error: principal $principal does not exist\n";
+ exit 1;
+ }
eval { $kadmin->enablePrincipal ($principal) };
if ($@) {
my $error = $@ || "unknown error\n";
- warn "error: cannot enable $principal: $error\n";
+ warn "error: cannot enable $principal: $error";
exit 1;
}
}