You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
On Fedora 40 the new (312) version of lynis outputs the message,
kadmin.local: unable to get default realm
This occurs during the Kerberos section but is not affected by "2>&1" redirection,
so goes to the "terminal" or preceding/calling process output (eg. in my case cron).
I assume it's coming directly from the kadmin.local binary so there probably needs
to be a test of krb config before this is called & not called at all under conditions
where krb is not used.
However I'm sure there could be circumstances where a bad actor might hide a krb
config & potentially use it for secure channels/auth.
Version
Distribution Fedora 40 (fc40)
Lynis version 3.1.2-1.fc40
Expected behavior
The (error?) message should be appropriately directed, & able to be redirected, when
kadmin.local is being called from within lynis.
In my case where there is no krb config it should probably not occur.
ie. an attempt to get the "default realm" will fail & so probably should not even be
attempted.
Output
kadmin.local: unable to get default realm
Additional context
Followed the 312 version install on FC40 after the "grep usage" messages were fixed.
The text was updated successfully, but these errors were encountered:
Describe the bug
On Fedora 40 the new (312) version of lynis outputs the message,
This occurs during the Kerberos section but is not affected by "2>&1" redirection,
so goes to the "terminal" or preceding/calling process output (eg. in my case cron).
I assume it's coming directly from the kadmin.local binary so there probably needs
to be a test of krb config before this is called & not called at all under conditions
where krb is not used.
However I'm sure there could be circumstances where a bad actor might hide a krb
config & potentially use it for secure channels/auth.
Version
Expected behavior
The (error?) message should be appropriately directed, & able to be redirected, when
kadmin.local is being called from within lynis.
In my case where there is no krb config it should probably not occur.
ie. an attempt to get the "default realm" will fail & so probably should not even be
attempted.
Output
kadmin.local: unable to get default realm
Additional context
Followed the 312 version install on FC40 after the "grep usage" messages were fixed.
The text was updated successfully, but these errors were encountered: