kadm5_ret_t kadm5_get_privs(void *server_handle, u_int32 *privs);
Return the caller's admin server privileges in the integer pointed to by the argument. The Admin API does not define any way for a principal's privileges to be set. Note that this function will probably be removed or drastically changed in future versions of this system.
The returned value is a bitmask indicating the caller's privileges:
Privilege | Symbol | Value |
Get | KADM5_PRIV_GET | 0x01 |
Add | KADM5_PRIV_ADD | 0x02 |
Modify | KADM5_PRIV_MODIFY | 0x04 |
Delete | KADM5_PRIV_DELETE | 0x08 |
List | KADM5_PRIV_LIST | 0x10 |
Changepw | KADM5_PRIV_CPW | 0x20 |
There is no guarantee that a caller will have a privilege indicated by this function for any length of time or for any particular target; applications using this function must still be prepared to handle all possible KADM5_AUTH_* error codes.
In the initial MIT Kerberos version of the admin server, permissions depend both on the caller and the target; this function returns a bitmask representing all privileges the caller can possibly have for any possible target.