Heimdal 1.5.2 problem

Robert Simmons rsimmons0 at gmail.com
Fri May 11 02:41:58 UTC 2012

I've just installed the new version of Heimdal, 1.5.2 from ports, and
I'm having a problem.

As in the past, BerkeleyDB needs to be enabled with make config so
that there is a backend.  However, I'm still getting the error as if
BerkeleyDB was not enabled, and there is no backend support.

I've followed this process to get to this point:

# cd /usr/ports/security/heimdal
# make config
 *at this point, I've just made sure that BDB and cracklib support are compiled.
# make install
# mkdir /var/db/heimdal
# chmod 600 /var/db/heimdal

Then the following is added to /etc/rc.conf

This is my /etc/krb5.conf
   default_realm = HOME
   default_etypes = aes256-cts-hmac-sha1-96
       kdc = kerberos.home
       admin_server = kerberos.home
       kpasswd_server = kerberos.home
   policies = builtin:minimum-length builtin:character-class
   min_length = 20
   min_classes = 4
   enable-kerberos4 = false
   enable-524 = false
   require-preauth = true
   allow-anonymous = false
   require-preauth = true
   default_keys = aes256-cts-hmac-sha1-96:pw-salt
   .home = HOME

I then created a key
# kstash --enctype=aes256-cts-hmac-sha1-96 --random-key

Then tried to initialize the realm:
# /usr/local/sbin/kadmin -l
kadmin> init HOME
kadmin: hdb_open: hdb_open: failed initialize database /var/db/heimdal/heimdal

This is the error I get.  Also, after performing this failed init, the
database is actually created in /var/db/heimdal
# ll /var/db/heimdal
total 24
-rw-------  1 root  wheel  16384 May 10 19:56 heimdal.db
-rw-------  1 root  wheel      0 May 10 19:18 heimdal.lock
-rw-------  1 root  wheel    264 May 10 19:17 kdc.log
-rw-------  1 root  wheel     73 May 10 19:18 m-key

According to PR 154711, I've done everything correct, but I'm still
getting the error.

All of the regular dependencies are satisfied:
autoconf-2.68, autoconf-wrapper-20101119, gettext-,
libiconv-1.14, libtool-2.4.2, m4-1.4.16,1, perl-5.12.4_4,

And, this is the version of BerkeleyDB that it compiles and installs
to satisfy the BDB backend that I enabled during config:

Has anyone else successfully installed Heimdal 1.5.2 from ports on
FreeBSD 9.0?  What did you do differently than me?

More information about the freebsd-hackers mailing list