kadmin (heimdal port) ignores the ldap backend

Boris Samorodov bsam at ipt.ru
Thu Jun 2 06:32:40 PDT 2005

On Thu, 02 Jun 2005 13:04:56 +0200 fandino wrote:

> Boris Samorodov wrote:
> >>>Do you build FreeBSD with Kerberos support? There may be system
> > 
> >>Yes, it was builded with Kerberos(0.6.3) and the heimdal port
> > Aha, thus you install system libraries to /usr/lib etc...
>  >
> >>(0.6.3) was also installed in order to get ldap support for heimdal
> > ...and those libraries from the port install to /usr/local/lib...

> correct.

> >>kerberos without getting messed with the system kerberos.
> > ...and finally get it messed.

> sometimes the longest way is _really_ the hardest way ;-)

> >>>libraries located earlier in LDD_PATH which kadmin uses. Try ktrace
> >>>and kdump to see which libraries are used at run-time.
> > 
> >>you have found something interesting, this strace[1] shows us
> >>that /usr/local/sbin/kadmin (the port kadmin binary) is using
> >>"/usr/local/lib/libkadm5clnt.so.6" and "/usr/lib/libkadm5srv.so.7"
> >>could libkadm5srv be the culprit (now I haven't access to this box)?
> > I think this is the point. 
> >>how I can force /usr/local/sbin/kadmin to use the port library
> >>and not the system library?
> > 1. The main idea is to force search at /usr/local/lib before
> > /usr/lib
> .....

> I removed temporally all /usr/lib/libkadm5srv* libraries and as results
> kadmin was forced to load /usr/local libraries, but I get the same
> problem :-(


> again kadmin doesn't use ldap and fallback to database files.

>From your dump:
 58516 kadmin   CALL  access(0x28079000,0)
 58516 kadmin   NAMI  "/usr/lib/libhdb.so.7"
 58516 kadmin   RET   access 0
 58516 kadmin   CALL  open(0x28076040,0,0xbfbfebcc)
 58516 kadmin   NAMI  "/usr/lib/libhdb.so.7"
 58516 kadmin   RET   open 3
 58516 kadmin   CALL  fstat(0x3,0xbfbfebcc)
 58516 kadmin   RET   fstat 0
 58516 kadmin   CALL  read(0x3,0x28070c40,0x1000)
 58516 kadmin   GIO   fd 3 read 4096 bytes

Thus kadmin is using the system libhdb. The port version shuold be at


More information about the freebsd-ports mailing list