How do we like our base kerberos? Will it flee soon?
Leon Meßner
l.messner at physik.tu-berlin.de
Fri Nov 12 18:19:15 UTC 2010
On Fri, Nov 12, 2010 at 06:03:33PM +0100, Joerg Pulz wrote:
> On Fri, 12 Nov 2010, Leon Meßner wrote:
>
> > On Thu, Nov 11, 2010 at 04:22:57PM +0100, Joerg Pulz wrote:
> >> On Wed, 10 Nov 2010, Leon Meßner wrote:
> > Did exactly as told and everything worked fine. Im currently in the
> > process of rebuilding gssapi dependent software. Will tell if it fixed
> > my issue.
>
> Hi,
>
> good to hear that everything went fine for you.
> If you're using 8.x you should remove some of the leftover kerberos/gssapi
> libraries by yourself as the ObsoleteFiles list is still incomplete in
> 8.x and 'make delete-old delete-old-libs' will not remove everything.
> E.g.
> in /usr/lib and /usr/lib32
> libasn1* libgssapi* libhdb* libheimntlm* libhx509*
> libkadm5* libkafs5* libkrb5*
> in /usr/libexec
> kcm
It looks like i do also still have the old kerberos tools (kinit,kadmin
etc.) in the base prefix and they do now segfault:
/libexec/ld-elf.so.1: Shared object "libkafs5.so.10" not found, required
by "kinit"
# ls /usr/local/lib/libkafs*
/usr/local/lib/libkafs.a /usr/local/lib/libkafs.la
/usr/local/lib/libkafs.so /usr/local/lib/libkafs.so.5
> Btw.
> If you're using security/cyrus-sasl2 with GSSAPI please take a look at
> PR/152071.
Using that. Patch applied and build cleanly. saslauthd starts as
expected.
But i do have some problems now getting tickets. This machine is a
kerberos slave. if i start ipropd-slave with local kdc running i get:
krb5_get_init_creds: Client
(iprop/lise.physik-pool.tu-berlin.de at PCPOOL.PHYSIK.TU-BERLIN.DE) unknown
when local kdc is not running authentication works but i get:
ipropd-slave[28610]: connection successful to master:
marie.physik-pool.tu-berlin.de[130.149.58.147]
ipropd-slave[28610]: ipropd-slave started at
version: 10166
ipropd-slave[28610]: db->open:
dbm_open(/var/heimdal/heimdal): Inappropriate file type or format
Which i can understand because the db is at /var/heimdal/heimdal.db
which in turn is correctly specified in /etc/krb5.conf. Are there any
config syntax changes between 0.6.3 and 1.4, so i have to modify my
krb5.conf ?
Thanks,
Leon
More information about the freebsd-questions
mailing list