Site Navigation

Date:      Mon, 18 Nov 2002 10:22:18 +0900 (JST)
From:      KIMURA Yasuhiro <yasu@utahime.org>
To:        freebsd-security@freebsd.org
Subject:   Re: ANNOUNCE: FreeBSD Security Advisory FreeBSD-SA-02:40.kadmind
Message-ID:  <20021118.102218.35789518.yasu@utahime.org>
In-Reply-To: <200211130406.gAD46ZFu008072@freefall.freebsd.org>
References:  <200211130406.gAD46ZFu008072@freefall.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

>>>>> FreeBSD Security Advisories <security-advisories@FreeBSD.org> wrote:

> V.   Solution
(snip)
> 2) To patch your present system:
(snip)
> b) Execute the following commands as root:
> # cd /usr/src
> # patch < /path/to/patch
> # cd /usr/src/kerberos5/libexec/k5admind
> # make depend && make all install
> # cd /usr/src/kerberosIV/usr.sbin/kadmind
> # make depend && make all install

I tried instructions above on my 4.7-RELEASE pc and failed to build
k5admind and kandmind.


sugar# cd /usr/src/kerberos5/libexec/k5admind/
sugar# make depend && make all install
mkdir kadm5
cp /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5/private.h kadm5/private.h
cp /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5/admin.h kadm5/admin.h
test -e /usr/src/kerberos5/libexec/k5admind/kadm5_err.et || ln -sf /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5/kadm5_err.et
compile_et kadm5_err.et
cd /usr/src/kerberos5/libexec/k5admind/kadm5 && ln -sf ../kadm5_err.h
rm -f .depend
mkdep -f .depend -a    -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/include -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/roken -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/krb5 -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/asn1 -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/sl -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5 -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin -I/usr/src/kerberos5/libexec/k5admind/../../lib/libasn1 -I/usr/src/kerberos5/libexec/k5admind/../../lib/libhdb -I/usr/src/kerberos5/libexec/k5admind -I/usr/src/kerberos5/libexec/k5admind/../../include -DHAVE_CONFIG_H -DKRB5_KRB4_COMPAT -DKRB4 -DINET6  /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmind.c /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/server.
 c /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadm_conn.c /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/version4.c
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92,
                 from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmind.c:34:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmind.c:34:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92,
                 from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/server.c:34:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/server.c:34:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92,
                 from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadm_conn.c:34:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadm_conn.c:34:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92,
                 from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/version4.c:33:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory
In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/version4.c:33:
/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory
mkdep: compile failed
*** Error code 1

Stop in /usr/src/kerberos5/libexec/k5admind.
sugar# cd /usr/src/kerberosIV/usr.sbin/kadmind/
sugar# make depend && make all install
rm -f .depend
mkdep -f .depend -a    -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/include -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/roken -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/sl -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/acl -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/kadm -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/kdb -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/krb -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin -I/usr/src/kerberosIV/usr.sbin/kadmind/../../lib/libkadm -I/usr/src/kerberosIV/usr.sbin/kadmind/../../lib/libkrb -I/usr/src/kerberosIV/usr.sbin/kadmind/../include -I/usr/src/kerberosIV/usr.sbin/kadmind/../../include -DHAVE_CONFIG_H -I/usr/src/kerberosIV/usr.sbin/kadmind/../../include -DBINDIR=\"/usr/bin\" -DSBINDIR=\"/usr/sbin\" -DLIBEXECDIR=\"/usr/libexec\"  /usr/src/ker
 berosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_server.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_funcs.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/admin_server.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_ser_wrap.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/pw_check.c
In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_server.c:26:
/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory
In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_funcs.c:31:
/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory
In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/admin_server.c:31:
/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory
In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_ser_wrap.c:31:
/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory
In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/pw_check.c:34:
/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory
mkdep: compile failed
*** Error code 1

Stop in /usr/src/kerberosIV/usr.sbin/kadmind.
sugar# 

Are there anything else that I should do to patch my 4.7R system?

And one more question. This adovisary says:

> The k5admind server is installed as part of the `krb5' distribution,
> or when building from source with MAKE_KERBEROS5 set.  The kadmind
> server is installed as part of the `krb4' distribution, or when
> building from source with MAKE_KERBEROS4 set.  Neither is installed by
> default.

But both k5admind and kadmind are installed on my 4.7R systems.

sugar# ls -l /usr/sbin/kadmind 
-r-xr-xr-x  1 root  wheel  21808 Oct  9 21:51 /usr/sbin/kadmind
sugar# ls -l /usr/libexec/k5admind 
-r-xr-xr-x  1 root  wheel  19704 Oct  9 21:55 /usr/libexec/k5admind
sugar# 

I selected "X-Developer" when I install these systems. Isn't it the
"default installation" describled above?

---
KIMURA Yasuhiro
Mail: yasu@utahime.org
WWW:  http://www.utahime.org/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021118.102218.35789518.yasu>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact