mod_auth_kerb2 causes apache to fail to start

Da Rock freebsd-apache at
Tue Feb 27 02:51:45 UTC 2018

In theory I could submit this as a bug, but given the bug reports 
already and that have been closed without specific resolution I think 
that might not be a good idea.

AFAICT most kerberos stuff has been geared toward using heimdal, and 
little testing has been done for mit krb5. What I have is an error:

httpd: Syntax error on line 169 of /usr/local/etc/apache24/httpd.conf: 
Cannot load libexec/apache24/ into server: 
/usr/local/libexec/apache24/ Undefined symbol 

This is a new install (entire base as well) with 11.1-Release and using 
krb5 from ports.

ldd reveals:

ldd /usr/local/libexec/apache24/
/usr/local/libexec/apache24/ => /usr/lib/ (0x801208000) => /usr/lib/ (0x801427000) => /usr/local/lib/ (0x8016a5000) => /usr/lib/ (0x8018d9000) => /lib/ (0x800824000) => /usr/lib/ (0x801adb000) => /lib/ (0x801e00000) => /usr/lib/ (0x802269000) => /usr/lib/ (0x80247c000) => /lib/ (0x80271e000) => /usr/lib/ (0x80293d000) => /usr/lib/ (0x802b8a000) => /usr/lib/ (0x802db2000) => /usr/lib/ 
(0x802fb6000) => /usr/local/lib/ 
(0x8031b8000) => /usr/local/lib/ (0x8033c6000) => /lib/ (0x8035d1000)

And here we can see that the module is looking in the wrong place for 
the gssapi and krb5 libs - /usr/lib rather than /usr/local/lib.

Somewhere this is getting screwed up, and I have yet to figure out where 
- when I do I'll pass it on, but meanwhile I figured a heads up is in order.


More information about the freebsd-apache mailing list