From e90120bdcbdeaa47ef23882465e6d883a79abc58 Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Mon, 2 May 2011 10:52:20 +0200 Subject: Bad return values for ipa-rmkeytab command ipa-rmkeytab returns success even when the realm passed to the program is not found in a keytab. This patch adds an explanatory error message and returns error code 5 - Principal or realm not found. https://fedorahosted.org/freeipa/ticket/694 --- ipa-client/ipa-rmkeytab.c | 8 ++++++++ ipa-client/man/ipa-rmkeytab.1 | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'ipa-client') diff --git a/ipa-client/ipa-rmkeytab.c b/ipa-client/ipa-rmkeytab.c index 8afa9e1c4..a6a68eaf9 100644 --- a/ipa-client/ipa-rmkeytab.c +++ b/ipa-client/ipa-rmkeytab.c @@ -19,6 +19,7 @@ #define _GNU_SOURCE #include +#include #include #include #include @@ -108,6 +109,7 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu krb5_kt_cursor kt_cursor; char * entry_princ_s = NULL; int rval = 0; + bool realm_found = false; krberr = krb5_kt_start_seq_get(context, ktid, &kt_cursor); memset(&entry, 0, sizeof(entry)); @@ -128,6 +130,7 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu krb5_kt_end_seq_get(context, ktid, &kt_cursor); if (strstr(entry_princ_s, realm) != NULL) { + realm_found = true; rval = remove_principal(context, ktid, entry_princ_s, debug); if (rval != 0) goto done; @@ -136,6 +139,11 @@ remove_realm(krb5_context context, krb5_keytab ktid, const char *realm, int debu } } + if (!realm_found) { + fprintf(stderr, _("realm not found\n")); + return 5; + } + done: return rval; diff --git a/ipa-client/man/ipa-rmkeytab.1 b/ipa-client/man/ipa-rmkeytab.1 index 71b324e06..6926c7b06 100644 --- a/ipa-client/man/ipa-rmkeytab.1 +++ b/ipa-client/man/ipa-rmkeytab.1 @@ -84,6 +84,6 @@ The exit status is 0 on success, nonzero on error. 4 Unable to parse the principal name -5 Principal name not found in keytab +5 Principal name or realm not found in keytab 6 Unable to remove principal from keytab -- cgit