kadmin (heimdal port) ignores the ldap backend
fandino
fandino at ng.fadesa.es
Wed Jun 1 09:25:47 PDT 2005
Boris Samorodov wrote:
> On Wed, 01 Jun 2005 12:17:31 +0200 fandino wrote:
>> I'm testing a new configuration with heimdal and the ldap backend
>>but kadmin is completely ignoring the ldap directive in the dbname
>>definition.
...
>>when the realm is initied kadmin creates a couple of files with the literal
>>dbname definition (adding ldap: as filename prefix) instead of contacting
>>the openldap server.
>
>
>># /usr/local/sbin/kadmin -l
>>kadmin> init OLIMPUS
>>Realm max ticket life [unlimited]:
>>Realm max renewable ticket life [unlimited]:
>># ls -l
>>...
>>-rw------- 1 root wheel 32768 May 31 10:19 ldap:ou=gods,dc=olimpus.db
>>-rw------- 1 root wheel 7584 May 31 10:19 ldap:ou=gods,dc=olimpus.log
>>...
>>anyone knows what I'm missing?
>
> What version of FreeBSD do you have? 5.4-RELEASE has heimdal 0.6.3 at
> the base system.
I'm using 5.4-RELEASE.
> Do you build FreeBSD with Kerberos support? There may be system
Yes, it was builded with Kerberos(0.6.3) and the heimdal port
(0.6.3) was also installed in order to get ldap support for
kerberos without getting messed with the system kerberos.
> libraries located earlier in LDD_PATH which kadmin uses. Try ktrace
> and kdump to see which libraries are used at run-time.
you have found something interesting, this strace[1] shows us
that /usr/local/sbin/kadmin (the port kadmin binary) is using
"/usr/local/lib/libkadm5clnt.so.6" and "/usr/lib/libkadm5srv.so.7"
could libkadm5srv be the culprit (now I haven't access to this box)?
how I can force /usr/local/sbin/kadmin to use the port library
and not the system library?
Thanks you.
[1] http://195.55.55.164/tests/FreeBSD/strace.txt
More information about the freebsd-ports
mailing list