You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Many applications supply a "schema upgrade" script that is used then the application is updated. Typically, this makes any needed changes to the backend database schema or database elements that the new version of the application needs.
In the case of Heimdal, while the schema itself rarely changes, there have been times when new system principals need to be added, for example, WELLKNOWN/ANONYMOUS and WELLKNOWN/org.h5l.fast-cookie@WELLKNOWN:ORG.H5L. The upgrade script would, if these principals are missing, add them.
At the very least, a script that reports potential problems would be helpful (e.g., "Hey: you are missing the principal WELLKNOWN/ANONYMOUS!").
The text was updated successfully, but these errors were encountered:
Perhaps we should make kadm5_s_init_with_password_ctx() do all upgrade work. That way just starting kadmind or @elric1's krb5_admind, or even kadmin -l should upgrade.
On the other hand, having kadmin -l do this every time might be annoying. And kadmind calls that function on every connection.
So maybe we should just have an explicit kadmin -l upgrade.
Many applications supply a "schema upgrade" script that is used then the application is updated. Typically, this makes any needed changes to the backend database schema or database elements that the new version of the application needs.
In the case of Heimdal, while the schema itself rarely changes, there have been times when new system principals need to be added, for example,
WELLKNOWN/ANONYMOUS
andWELLKNOWN/org.h5l.fast-cookie@WELLKNOWN:ORG.H5L
. The upgrade script would, if these principals are missing, add them.At the very least, a script that reports potential problems would be helpful (e.g., "Hey: you are missing the principal
WELLKNOWN/ANONYMOUS
!").The text was updated successfully, but these errors were encountered: