Date: Thu, 18 Jan 2018 20:18:29 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 225305] net/nss-pam-ldapd: krb5_ccname option in nslcd.conf has no effect Message-ID: <bug-225305-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D225305 Bug ID: 225305 Summary: net/nss-pam-ldapd: krb5_ccname option in nslcd.conf has no effect Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: zi@FreeBSD.org Reporter: cullum@c0ffee.net Assignee: zi@FreeBSD.org Flags: maintainer-feedback?(zi@FreeBSD.org) Created attachment 189892 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D189892&action= =3Dedit patch to allow linking against different kerberos implementations The krb5_ccname option in nslcd.conf for kerberos authentication has no eff= ect. This port always links against the base kerberos (heimdal). In addition to = the upstream documentation saying that only MIT kerberos is tested (https://arthurdejong.org/nss-pam-ldapd/HACKING), when linking against heim= dal, the krb5_ccname option appears to have no effect. According to the debug lo= gs, /tmp/krb5cc_928 is always used as the ticket cache. Exporting the KRB5CCNAME environment variable also did not work. This issue was resolved when I linked against MIT's kerberos. I've attached= a diff of the port's Makefile to allow choosing which Kerberos implementation= to link against. I have only tested this with MIT kerberos. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-225305-13>