Date: Sat, 1 Mar 2014 20:36:02 -0800 From: Matt Mullins <mokomull@gmail.com> To: nightrecon@hotmail.com Cc: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: heimdal and BDB troubles after upgrading to 10 Message-ID: <CAPyT1SHgXU8HntH-v8ram9%2Bn6Q3x5tVk_4jiHHdLE-UKrNCgpw@mail.gmail.com> In-Reply-To: <letbfq$8hk$1@ger.gmane.org> References: <CAPyT1SFP0Po-%2BDOnwamezmpsNw0tXkq4M9iULHCCFiCY1-Kv7A@mail.gmail.com> <letbfq$8hk$1@ger.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I did set that -- I was firmly informed of that when I went to build db46
against FreeBSD 10 :)
It turns out I managed to get it working, though:
I manually built Heimdal 1.5.2 with "./configure CXX=g++46 CC=gcc46", since
clang doesn't see /usr/local/include as a default path. After running
./configure, I also had to manually comment out the "#define HAVE_DB1 1"
line from include/config.h, since that apparently supercedes using
DB3-style APIs in Heimdal.
That got me a working copy of "kadmin" that I was able to run out of my
home directory (didn't even bother running "make install"), from which I
was able to "./kadmin/kadmin -l" and use the "dump" command to dump the
database to text. Loading it was a matter of running the system "kadmin
-l" and using load to restore it.
Since I already had it in text form, I went ahead and removed the heimdal
port and migrated to the version included with base.
Also for the people finding this on Google later: I got a lot of
"krb5_crypto_init failed: encryption key has bad length" ... turns out I'd
also removed the "mkey" file in my attempt to remove the old database, and
the textual dumps are still encrypted with it. Replaced the mkey from
backup, and suddenly I had working Kerberos again.
Thanks for your suggestion! Hopefully my experience wasn't too far-fetched.
On Sat, Mar 1, 2014 at 11:13 AM, Michael Powell <nightrecon@hotmail.com>wrote:
> Matt Mullins wrote:
>
> > It looks like I've managed to break my KDC by upgrading to 10 -- all I
> can
> > seem to get the KDC to do is give me the following error:
> >
> > 2014-02-28T22:46:02 Failed to open database: dbopen (/var/heimdal/foo):
> > Inappropriate file type or format
> >
> > I've tried building db5 (replacing db46 which is also still installed on
> > my machine -- apparently deprecated in the meantime), and rebuilding
> > heimdal against it, all to no avail.
> >
> > db_verify-5 reports that the database file is in good health. gdb tells
> > me that for some reason, heimdal is trying to use the libc's dbopen()
> > instead of db5's -- is there a way I can coerce heimdal into using the
> > right library?
> >
> > My krb5.conf has:
> > [kdc]
> > database = {
> > dbname = /var/heimdal/foo
> > realm = LOCAL.MMLX.US
> > mkey_file = /var/heimdal/foo.mkey
> > log_file = /var/heimdal/bar
> > acl_file = /var/heimdal/kadmind.acl
> > }
> > enable_kereberos4 = false
> > enable_http = false
>
> Have you tried the WITH_BDB_VER=5 or WITH_BDB_VER=6 in make.conf as per
> UPDATING entry 20131216: before building?
>
> -Mike
>
>
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscribe@freebsd.org"
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyT1SHgXU8HntH-v8ram9%2Bn6Q3x5tVk_4jiHHdLE-UKrNCgpw>