FreeBSD Port: krb5-1.13
Cy.Schubert at komquats.com
Sat Nov 22 17:57:28 UTC 2014
In message <5470AA17.4040008 at herveybayaustralia.com.au>, R Skinner writes:
> An interesting point came up in one of my ventures - I was trying to set
> up a kerberos system with ldap for authentication/authorisation,
> therefore using ldap as the backend for the kerberos.
> I ran make install clean from ports and set ldap options in the config,
> then tried to get it all running using some docs and tutorials I googled
> up. All of them mention a kerberos.schema file needed in openldap/schema/.
> So I started hunting for it; couldn't find it. Looked online at various
> sites (including mit) and it is mentioned, but all information pointed
> to it being available under share/doc/ in some form. But to my chagrin,
> it was not to be found at all. Now I'm really got my challenge on, so I
> look deeper.
> I checked the plist file and it is not mentioned, though one would think
> it would be if ldap is set in the config. I looked all through near
> every file, ran find commands; all no good. I then run make again and
> attempt to see if it is actually shipped with the tar ball. Finally,
> looking deep in the extracted and built directory (not staged, mind) I
> finally find my kerberos.schema, as well as a kerberos.ldif, in
> Now that I've narrated my little adventure, I'm left kinda curious as to
> why, if ldap is selected as an option in config, _and_ if this schema is
> so critical to the operation of ldap as a backend to kerberos (maybe
> even heimdal too), then why are these files simply discarded rather than
> installed, leaving someone like myself frustrated and mystified? :) I
> imagine many would simply give up or try and jerry rig something by this
> point, but for it to be right there...
> Any chance for a fix on this? I think I may have even tried to do this
> several years ago as well and gave up because of this same issue
> (although I think I may have been looking at heimdal at the time, so
> same issue could still be there too); had to put it in the too hard
> basket at the time due to temporal deficiencies...
File a PR and I'll look at it. Thanks.
Cy Schubert <Cy.Schubert at komquats.com>
FreeBSD UNIX: <cy at FreeBSD.org> Web: http://www.FreeBSD.org
The need of the many outweighs the greed of the few.
More information about the freebsd-ports