User-Visible kstart Changes
kstart 3.16 (2010-01-19)
Add the -L option to k5start and krenew, saying to log messages to
syslog as well as standard output or standard error.
Correctly set the ticket cache path in k5start when the -k option was
not given, fixing a NULL pointer dereference when the -o, -g, or -m
options were given without -k. Thanks, Garrett Wollman.
Allow the argument to -k to start with FILE: and strip off that prefix
to form the ticket cache name. -k still forces its argument to be a
file-based cache, however; FILE: is the only cache type designator
supported. Use the KRB5CCNAME environment variable for other ticket
cache types.
k5start and krenew now say, in -h output, if they will attempt to
create a new AFS PAG for commands run in combination with -t (enabled
by --enable-setpag), allowing one to determine whether that support
was compiled in.
Include the proper header for signal handling functions, fixing a
build problem on Solaris 9. Thanks, Tim Bishop.
Avoid Heimdal functions marked as deprecated. Also fix the test suite
to pass with Heimdal user space.
Update to rra-c-util 2.2:
* Add GCC function attributes alloc_size, malloc, and nonnull.
* Use AC_TYPE_LONG_LONG_INT instead of AC_CHECK_TYPES([long long]).
kstart 3.15 (2009-08-15)
k5start and krenew now catch SIGALRM and immediately refresh the
ticket cache upon receiving it, even if the ticket isn't expired.
Add the -i option to krenew, which says to keep running even if there
is an error renewing the ticket cache. This is useful if the ticket
cache renewed by krenew may expire and then later be renewed (such as
with a manual kinit) and krenew is expected to wake up again and
process the new ticket cache.
Re-run aklog even if the ticket is still valid when -H is used in
combination with -t. We don't check whether the token is valid, so
it's safer to always re-run aklog. We may be setting a token in a new
PAG using an existing ticket cache.
Fail with an error rather than a segfault if MIT Kerberos is unable to
determine a default local realm for an unqualified principal. Based
on a patch from Jason Funk.
Add example krenew-agent script, which runs krenew for a given ticket
cache if it isn't already running. Contributed by Tim Skirvin.
Correctly declare message_fatal_cleanup extern, fixing compilation
problems on some platforms (particularly Mac OS X).
Document that the -b flag to all programs also changes directories to
/ and any paths should therefore be absolute.
Add support for the old Heimdal krb5_get_error_string interface.
Thanks, Chaskiel Grundman.
Fix some timing issues with the test suite that caused spurious
failures on fast systems and try to make it more robust in the face of
different process scheduling. This probably still isn't perfect.
k4start is now built optionally based on whether Kerberos v4 libraries
are available, removing the need for --disable-k4start if no Kerberos
v4 libraries are present. The option is still supported to explicitly
disable building k4start even if Kerberos v4 libraries are found.
Enable Automake silent rules. For a quieter build, pass the
--enable-silent-rules option to configure or build with make V=0.
Update to rra-c-util 2.0:
* Redo build system for kafs replacement library and add tests.
* Add --with-libkafs-include and --with-libkafs-lib configure options.
* Add --with-afs-include and --with-afs-lib configure options.
* Sanity-check the results of krb5-config before proceeding.
* Fall back on manual probing if krb5-config results don't work.
* Add --with-krb5-include and --with-krb5-lib configure options.
* Add --with-krb4-include and --with-krb4-lib configure options.
* Don't break if the user clobbers CPPFLAGS at build time.
* Provide a proper bool type with Sun Studio 12 on Solaris 10.
* Change AC_TRY_* to AC_*_IFELSE as recommended by Autoconf.
* Add strlcpy, strlcat, and setenv replacements.
* Fix open call parameters in daemon portability test.
* Update portable and util test suite for C TAP Harness 1.1.
Update to C TAP Harness 1.1:
* Rewrite of all test cases to use the new TAP library support.
* Much improved and simplified builddir != srcdir test suite support.
* Support running a single test with tests/runtests -o.
* Summarize results at the end of test executions.
* Correctly handle completely skipped tests, like docs/pod.
* Better reporting of fatal errors in the test suite.
* Consume all output from a test case before closing its descriptor.
* Support aspell for spelling tests and skip them by default.
kstart 3.14 (2008-07-22)
Add -F and -P options to k5start to force the tickets to not be
forwardable or proxiable, regardless of library defaults. This can be
necessary if one's krb5.conf defaults to forwardable or proxiable
tickets but service principals aren't allowed to get such tickets.
kstart 3.13 (2008-05-28)
As of this release, k4start should be considered frozen. I will still
fix bugs where possible, but it is no longer tested before releases
and new features added to k5start and krenew will not be added to
k4start.
If the environment variable AKLOG is set, use its value as the path to
the aklog program to run when -t is given to k5start or krenew. If
AKLOG is set, always run that program unless -n was given in k4start.
This environment variable replaces the badly-named KINIT_PROG,
although KINIT_PROG is still supported for backward compatibility.
Remove the restriction that -o, -g, and -m may not be used with -K or
a command. The MIT Kerberos libraries have removed the restriction
about ticket cache ownership and this now works properly. However,
each authentication changes the permissions, so reset the ownership
and permissions whenever we renew the cache. Thanks, Howard
Wilkinson.
Strip a leading FILE: or WRFILE: prefix from the ticket cache name
when changing the ownership or permissions. Based on a patch from
Howard Wilkinson.
Fix a portability problem with Heimdal introduced in the previous
release (Heimdal wants krb5_cc_copy_cache, not krb5_cc_copy_creds).
Thanks, Jason White.
Include a dummy object in libportable to avoid build failures on
systems that don't need any portability functions (such as Mac OS X).
kstart 3.12 (2008-04-23)
krenew, when running a command, first copies the current ticket cache
to a private cache for that command so that it will be unaffected by
later destruction of the cache (such as by user logout). The private
cache is deleted when the command exits.
Fix problems with command-line parsing in k4start and k5start that
led to treating a provided command as a principal in some situations.
Allow for getopt() implementations that don't strip the -- argument
if it occurs after the first non-option (such as on at least older
Solaris).
k5start now uses krb5_cc_destroy() rather than unlink to clean up the
ticket cache when necessary.
Fix multiple problems with the libkafs and AFS system call checks
on platforms other than Linux that caused the libraries to leak into
the global LIBS and include checks done without the AFS include
paths.
Fix the ordering of LDFLAGS to avoid accidentally linking with the
AFS com_err library and ensure the AFS syscall layer is built with
the right CPPFLAGS.
If KRB5_CONFIG was explicitly set in the environment, don't use a
different krb5-config based on --with-krb4 or --with-krb5. If
krb5-config isn't executable, don't use it. This allows one to
force library probing by setting KRB5_CONFIG to point to a
nonexistent file.
Sanity-check the results of krb5-config before proceeding and error
out in configure if they don't work.
Fix Autoconf syntax error when probing for libkrb5support. Thanks,
Mike Garrison.
kstart 3.11 (2008-04-10)
Add a -c option to k4start, k5start, and krenew, which writes out the
PID of the child process when running a command. This is similar to
-p, but writes out the command PID rather than the PID of k4start,
k5start, or krenew. Based on a patch by Sascha Tandel.
Add a -H option to krenew that works similarly to the -H option for
k5start: checking whether the remaining lifetime of the ticket is
already long enough, only renewing if it isn't, and exiting with a
status indicating whether the resulting ticket had a sufficiently long
lifetime. Based on a patch by Gautam Iyer.
Add -o, -g, and -m options to k4start and k5start to set the owner,
group, and mode of the ticket cache after creation. These options
cannot be used with a specified command or with -K since, after making
those changes, the Kerberos library won't permit reading or writing to
the ticket cache. Based on a patch by Howard Wilkinson.
Significantly update the AFS setpag support. The option to build with
AFS setpag support is now --enable-setpag. On most platforms, if
libkafs is not found, kstart uses an internal AFS system call
implementation that doesn't require linking with the AFS libraries.
The AFS libraries are used only on AIX and IRIX. On platforms other
than Linux, pass --with-afs to configure to specify the location of
the AFS include files and libraries.
Redo the build machinery for Kerberos v4 and Kerberos v5 libraries to
take advantage of portability improvements from other projects.
kstart will now hopefully build with AIX's Kerberos libraries and get
more of the edge cases right. Instead of --with-kerberos, use
--with-krb5 to specify the path to the Kerberos v5 libraries and
--with-krb4 to specify the path to the Kerberos v4 libraries.
After backgrounding, reauthenticate if necessary before writing out
the PID file in case we need tickets or tokens to write the file.
Close the keytab after determining the principal with k5start -U.
--enable-static is no longer supported. This is generally unnecessary
and complex to support in combination with other options.
kstart now has a basic test suite, although not all functionality is
tested yet. See README and tests/data/README for information on how
to enable the tests that are there.
kstart 3.10 (2007-04-10)
Fix compilation error with a new enough MIT Kerberos to support
krb5_get_error_message and with et/com_err.h instead of com_err.h
(such as Fedora Core 6). Thanks, Stefan Foerster.
Rework the configure script to use AS_IF instead of explicit if
statements, which allows Autoconf to do better dependency analysis.
kstart 3.9 (2007-03-02)
Separate authenticating from running aklog in k4start, k5start, and
krenew. Just because we have a valid ticket cache doesn't mean that
we already have a token since we just created a new PAG. If running
aklog was requested, always do so even if we didn't get new tickets.
kstart 3.8 (2007-03-02)
Allow -H to be used with a command in k4start and k5start. In this
case, check the existing ticket cache and authenticate if it's stale,
then run the command in either case. This is useful when running
several commands with the same credentials at near the same time. It
reduces Kerberos traffic and avoids service ticket requests being
rejected as possible relay attacks.
Support the new MIT Kerberos error message functions.
Overhaul the build system. Use Automake, use a better strategy for
dealing with portability issues, and factor duplicate code out into
shared files.
kstart 3.7 (2007-01-28)
Correctly honor the argument to -H for k4start and k5start. This was
lost during an earlier code restructuring. Thanks to Thomas Weiss for
the bug report.
Document that -K will renew a ticket if it will expire within two
minutes of the next wakeup, not just if it will expire before the next
wakeup.
kstart 3.6 (2006-10-04)
Call k_hasafs before k_setpag in builds with the kafs functions.
Without calling k_hasafs first, k_setpag may fail or die with a
signal. Thanks to Thomas Kula for the bug report.
Document in the man pages when a new PAG is created.
Avoid $< in non-pattern rules. This doesn't work with some non-GNU
makes.
kstart 3.5 (2006-06-13)
When invoked to run a command, k4start, k5start, and krenew now
propagate HUP, TERM, and QUIT signals to the child process rather than
just exiting. These signals do not terminate k4start, k5start, or
krenew any longer, but of course they will exit if the signal causes
the child process to exit. Patch from Adam Megacz.
Minor Makefile updates to support Autoconf 2.60.
kstart 3.4 (2006-05-05)
k5start now rechecks the ticket cache and possibly reauthenticates
after backgrounding itself when running as a daemon. This works
around the loss of the ticket cache after backgrounding on Mac OS X
with the default ticket cache type.
Force the use of a file ticket cache in k5start and krenew if the -k
option is given. The code was assuming that a file ticket cache was
the default, which may not always be the case.
Document in the krenew man page that the -b option may not do what one
desires on Mac OS X and suggest an alternative that doesn't detach
from the current session.
krenew no longer runs aklog unless the -t flag was given. Previously,
due to a bug, it would skip running aklog the first time unless -t was
given but would then always run aklog if either a compiled-in default
or a default from the environment were available.
kstart 3.3 (2006-04-10)
Add a missing <stdarg.h> include that caused compilation failures on
OS X in krenew and could have led to latent problems on other
platforms.
Clarify that the DIR argument to --with-afs-setpag is optional in
configure --help output.
kstart 3.2 (2006-03-05)
Revert the -g feature. MIT Kerberos refuses to use ticket caches not
owned by the running process, removing the usefulness of the feature,
and a bug in its implementation was causing k5start and krenew to not
run aklog when they should.
kstart 3.1 (2006-02-23)
Add the -g flag to k5start and krenew to make the ticket cache
group-readable. This is useful for maintaining a ticket cache shared
by multiple automated processes on the same host running as different
users (such as Mailman).
kstart 3.0 (2006-01-22)
Add a krenew command that acts like k5start except that it uses an
existing ticket cache and just renews it.
Don't check the executability of the aklog program before running it,
as this prevents people from configuring aklog programs that include
flags.
Add a -h flag to all programs to display the usage message and exit.
Report the compiled aklog path in usage output.
kstart 2.9 (2006-01-01)
Improved error handling when using Heimdal and clearer formatting with
any Kerberos implementation. Use krb5_err and krb5_warn functions
always and provide replacements when using MIT Kerberos.
Significantly improved Kerberos library probes. Use krb5-config where
available to get Kerberos libraries and compiler flags unless
--enable-reduced-depends or --enable-static are used, and support MIT
Kerberos 1.4 with --enable-static.
Add the --enable-reduced-depends configure option to try to minimize
the shared library dependencies of the resulting binaries on platforms
with proper shared library dependencies. This is of interest
primarily to people building packages for distributions.
AFS setpag support no longer requires linking with pthreads and also
supports the Heimdal or KTH libkafs library as a source of setpag.
Ported to systems that require sys/time.h be included instead of
time.h (Tru64 4.0 in particular).
Attempt better portability to KTH Kerberos installs that build their
own DES library rather than using OpenSSL.
Included a spec file for RPM builds, contributed by Buck Huppmann.
kstart 2.8 (2005-08-09)
Added the -b option to both k4start and k5start to background after
the initial authentication. Added the -p option to both k4start and
k5start to save the PID of the process in a file. Both were based on
code by Navid Golpayegani.
-p is no longer accepted as a synonym for -s (this synonym was never
documented).
kstart 2.7 (2005-06-04)
Fixed a bug in k5start introduced in 2.4 that broke -H handling and
getting a specific service ticket, and which caused k5start to make an
additional bogus request for the wrong service on each authentication.
kstart 2.6 (2005-06-03)
Finished the port to Heimdal. k5start error reporting should now work
correctly, as should handling of krb5.conf defaults.
Added the -U flag to k5start, telling it to figure out the client
principal by looking in the provided keytab rather than expecting it
on the command line, making it easier to write scripts that use the
system keytab.
Added the --disable-k4start flag to configure to make it easier to
build only k5start (particularly useful if one only has Heimdal and
not KTH Kerberos).
kstart 2.5 (2005-05-01)
Unless -k is given, k4start and k5start both now create a temporary
ticket cache file with mkstemp and delete it on exit when running a
command, to not interfere with other ticket caches owned by the same
user.
k5start now correctly sets KRB5CCNAME when running aklog or a
command.
Ported to Heimdal and KTH Kerberos, somewhat. Error handling in
k5start still won't produce good error messages because the
differences between MIT and Heimdal are more profound than I can
easily adjust for.
Documentation improvements, particularly in the area of specifying
commands to run.
kstart 2.4 (2005-04-25)
Renamed kstart to k4start to avoid a conflict with a KDE program.
This is more symmetric with k5start anyway.
Added support to both k4start and k5start for running a program after
obtaining Kerberos credentials and optionally AFS tokens. This mode
is like the -K mode, except that k4start or k5start will exit when the
program it ran exits. Added preliminary support for creating a PAG
for the command to run in.
Minor cleanups and bug fixes to both programs. Exit earlier if unable
to determine the principal, add newlines to the end of some verbose
trace messages, and fix error reporting after Ctrl-C in k4start.
Internal code refactoring, reorganization, and cleanup.
kstart 2.3 (2005-02-22)
Fixed make install with a separate build directory. The Makefile must
look for the man pages in the source directory.
Don't include Debian packaging rules in the standard distribution (per
recommended best practices for maintaining Debian packages with rules
in the upstream CVS).
kstart 2.2 (2004-07-29)
Removed the various Stanford-specific banners that these programs
inherited from our local kinit. In normal use of kstart or k5start,
there's no need to check for whether the session is encrypted (and the
relevant environment variables are normally not set anyway).
Similarly, since there's only one kstart and k5start, there isn't the
need to distinguish from another by printing out a Stanford banner.
Added Debian package build rules.
Significantly improved the man pages.
Substantial code cleanup of both kstart and k5start. Both now follow
my current C coding standards, include far less portability cruft, and
include far fewer unnecessary headers.
kstart 2.1 (2002-12-29)
No code changes. Added a README file with installation instructions
and a license.
kstart 2.0 (2002-12-29)
First release that includes k5start, an equivalent version of kstart
for Kerberos v5.
kstart 1.19 (2001-06-14)
Added a fudge factor to make sure the ticket is refreshed before it
expires. The same factor also applies to -H, so -H will detect
tickets that are about to expire.
kstart 1.17 (2001-01-16)
Fixed a bug in obtaining a ticket from a srvtab.
kstart 1.16 (2000-10-17)
Added the -H option to check whether a ticket has expired, and fix
bugs in the detection of expired tickets.
kstart 1.13 (2000-04-19)
Diagnose errors when running aklog. Better portability and use of
Autoconf.
kstart 1.10 (1999-09-01)
Set KRBTKFILE when -k is used so that aklog can find the ticket.
kstart 1.8 (1997-10-17)
Add support for long-term ticket maintenance as a daemon, the -K and
-k options.
kstart 1.7 (1997-07-23)
Change default location of aklog and documentation fixes.
kstart 1.5 (1996-04-10)
Portability to Solaris. Change the usage message to indicate that
lifetime is in minutes, not seconds.
kstart 1.3 (1995-06-05)
Add a password prompt for the -s option and remove implied -q.
