Building Heimal without using ports

Robert Fitzpatrick robert at
Sat Mar 20 12:21:46 PST 2004

On Sat, 2004-03-20 at 12:20, Oliver Eikemeier wrote:
> Matthew Seaman wrote:
> > Robert,
> [...]
> > Do you already have any version of OpenLDAP installed?  I've tried to
> > reproduce what you saw in your earlier post, but defining WITH_LDAP
> > makes evrything link against as expected for me:
> > 
Yes, I have these packages that resulted from 'portupgrade
openldap-2.1.23'. Heimdal and Cyrus-SASL were also portupgrade'd to
0.6_2 and 2.1.18 respectively. All installed.

> > In fact, can you try this patch to the security/heimdal Makefile?
> > 
> > % diff -u Makefile.orig Makefile 
> > --- Makefile.orig       Sat Mar 20 16:15:56 2004
> > +++ Makefile    Sat Mar 20 16:17:08 2004
> > @@ -32,6 +32,7 @@
> >  CONFIGURE_ENV+=                CFLAGS="${CFLAGS}"
> >  CONFIGURE_ARGS+=       --enable-shared --without-krb4
> >  .if defined(WITH_LDAP)
> > +USE_OPENLDAP=          yes
> >  CONFIGURE_ARGS+=       --with-openldap=${LOCALBASE}
> >  .endif
> That would be preferable, because OpenLDAP 2.0 is about to be removed
> May 1st. You'll have to remove the LIB_DEPENDS above, too.

Still need the patch? Since I have all installed above.

> > This should cause your system to install one of the OpenLDAP ports as
> > a dependency of security/heimdal before it builds the heimdal stuff
> > itself -- net/openldap21-client is probably what will be installed.
> This is currently the default. You can change that by using
> WANT_OPENLDAP_VER, although you won't have any advantages on
> the client side.

What do you think of 2.2?

> > Since you'll be installing OpenLDAP, you might want to refer to
> > -- I don't know if the
> > patches spoken of there are still necessary (that page could well be
> > out of date as it seems to be a few versions behind on the OpenLDAP
> > releases), but if they are, you can try building the OpenLDAP stuff
> > with "WITH_SASL=yes"

Yes, that doc has been around a while and that is where I started, but
from other things found on the web I remember determining the patch was
not needed anymore. Can't remember why, though.

> Depending on what you want to do, you need to compile OpenLDAP with
> SASL support, Cyrus SASL with Heimdal GSSAPI or Heimdal with OpenLDAP
> support. See for example <>

I guess I should start from scratch and rebuild my OpenLDAP as you
suggested. It was built a while back and not sure what options I have
built-in. I will follow the doc you suggested. My question is if I
rebuild OpenLDAP, do I go back into the /usr/ports/net/openldap2x-server
and portupgrade again or did the portupgrade bring something else down
for me to work with 2.1.27 directly?


More information about the freebsd-ports mailing list