Date: Fri, 12 Nov 2010 19:19:12 +0100 From: Leon =?iso-8859-15?Q?Me=DFner?= <l.messner@physik.tu-berlin.de> To: Joerg Pulz <Joerg.Pulz@frm2.tum.de> Cc: Leon =?iso-8859-15?Q?Me=DFner?= <l.messner@physik.tu-berlin.de>, freebsd-questions@freebsd.org Subject: Re: How do we like our base kerberos? Will it flee soon? Message-ID: <20101112181912.GD8921@emmi.physik-pool.tu-berlin.de> In-Reply-To: <alpine.BSF.2.00.1011121754410.51792@unqrf.nqzva.sez2> References: <20101110170053.GE95441@emmi.physik-pool.tu-berlin.de> <alpine.BSF.2.00.1011111618230.1682@unqrf.nqzva.sez2> <20101112163630.GB8921@emmi.physik-pool.tu-berlin.de> <alpine.BSF.2.00.1011121754410.51792@unqrf.nqzva.sez2>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 12, 2010 at 06:03:33PM +0100, Joerg Pulz wrote: > On Fri, 12 Nov 2010, Leon Meßner wrote: > > > On Thu, Nov 11, 2010 at 04:22:57PM +0100, Joerg Pulz wrote: > >> On Wed, 10 Nov 2010, Leon Meßner wrote: > > Did exactly as told and everything worked fine. Im currently in the > > process of rebuilding gssapi dependent software. Will tell if it fixed > > my issue. > > Hi, > > good to hear that everything went fine for you. > If you're using 8.x you should remove some of the leftover kerberos/gssapi > libraries by yourself as the ObsoleteFiles list is still incomplete in > 8.x and 'make delete-old delete-old-libs' will not remove everything. > E.g. > in /usr/lib and /usr/lib32 > libasn1* libgssapi* libhdb* libheimntlm* libhx509* > libkadm5* libkafs5* libkrb5* > in /usr/libexec > kcm It looks like i do also still have the old kerberos tools (kinit,kadmin etc.) in the base prefix and they do now segfault: /libexec/ld-elf.so.1: Shared object "libkafs5.so.10" not found, required by "kinit" # ls /usr/local/lib/libkafs* /usr/local/lib/libkafs.a /usr/local/lib/libkafs.la /usr/local/lib/libkafs.so /usr/local/lib/libkafs.so.5 > Btw. > If you're using security/cyrus-sasl2 with GSSAPI please take a look at > PR/152071. Using that. Patch applied and build cleanly. saslauthd starts as expected. But i do have some problems now getting tickets. This machine is a kerberos slave. if i start ipropd-slave with local kdc running i get: krb5_get_init_creds: Client (iprop/lise.physik-pool.tu-berlin.de@PCPOOL.PHYSIK.TU-BERLIN.DE) unknown when local kdc is not running authentication works but i get: ipropd-slave[28610]: connection successful to master: marie.physik-pool.tu-berlin.de[130.149.58.147] ipropd-slave[28610]: ipropd-slave started at version: 10166 ipropd-slave[28610]: db->open: dbm_open(/var/heimdal/heimdal): Inappropriate file type or format Which i can understand because the db is at /var/heimdal/heimdal.db which in turn is correctly specified in /etc/krb5.conf. Are there any config syntax changes between 0.6.3 and 1.4, so i have to modify my krb5.conf ? Thanks, Leon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101112181912.GD8921>