Date: Wed, 2 Jun 2010 10:56:47 -0600 From: Tim Judd <tajudd@gmail.com> To: John <ilcsfe@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Apache 2.2, mod_auth_kerb Message-ID: <AANLkTikllx6vQYMAh9F2nZSXkcNrMjr10CmKlhWh8CMS@mail.gmail.com> In-Reply-To: <4C0622C2.7080408@gmail.com> References: <4BF532F7.7070003@gmail.com> <AANLkTik4SdYaBPOyMIhiun2oc5QAnSuzNuxLejspECRm@mail.gmail.com> <4C0622C2.7080408@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6/2/10, John <ilcsfe@gmail.com> wrote: > On 2010-05-20 23:34, Tim Judd wrote: >> On 5/20/10, John<ilcsfe@gmail.com> wrote: >>> Hi list. >>> >>> I'm having problems getting mod_auth_kerb to play nice on one of my >>> servers. >>> I have the exact same setup on other machines and it works perfectly, >>> only difference is this ones running CURRENT while they track RELEASE. >>> >>> Some info: >>> >>> # pkg_info|grep apache&& pkg_info|grep kerb >>> apache-2.2.15_7 Version 2.2.x of Apache web server with prefork MPM. >>> mod_auth_kerb-5.4 An Apache module for authenticating users with >>> Kerberos v5 >>> >>> # uname -a >>> FreeBSD host.example.com 9.0-CURRENT FreeBSD 9.0-CURRENT #5: Tue May 11 >>> 20:04:45 UTC 2010 host.example.com:/usr/obj/usr/src/sys/HOST i386 >>> >>> >>> Everything compiles and installs nicely, but when I try to do a >>> 'apachectl start' I get this: >>> >>> httpd: Syntax error on line 4 of /usr/local/etc/apache22/httpd.conf: >>> Cannot load /usr/local/libexec/apache22/mod_auth_kerb.so into server: >>> /usr/local/libexec/apache22/mod_auth_kerb.so: Undefined symbol >>> "gsskrb5_register_acceptor_identity" >>> >>> Is this due to running current? >>> If it is I will drop the issue right now, I just want to know for sure >>> before I spend hours trying to solve it. >>> >> >> >> It begins to look like GSSAPI is not in there. GSSAPI is part of >> world. You may need to rebuild kerberos with GSSAPI support. Are you >> using the builtin MIT or the add-on heimdal kerberos? > > I'm using the builtin. How do I rebuild kerberos with GSSAPI support, I > though that was builtin by default in FreeBSD since 5.1 somewhere? > > klist, kinit and kdestroy all works fine and I can authenticate against > an Active Directory server, but I just cant get Apache to load the > mod_auth_kerb module. > > I just did a clean install of a FreeBSD 8.1-PRERELEASE, and I have > exactly the same error there so it's not related to running current. > What am I doing wrong? I don't know if I'm reading bsd.apache.mk right (included due to the dependency of apache webserver), but mod_auth_kerb may require apache 1.3, not 2.x does your 8.1 have apache1.3? Maybe it has both nd 1.3 is running? I would bet that a 1.3 module won't work in 2.x does apache2.x have a kerberos module? there have been a ton of additions to apache2.x Let us know.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTikllx6vQYMAh9F2nZSXkcNrMjr10CmKlhWh8CMS>