From owner-freebsd-security Sun Nov 17 17:22:55 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F5D237B401 for ; Sun, 17 Nov 2002 17:22:51 -0800 (PST) Received: from utahime.as.wakwak.ne.jp (utahime.as.wakwak.ne.jp [61.205.238.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0D10643E4A for ; Sun, 17 Nov 2002 17:22:45 -0800 (PST) (envelope-from yasu@utahime.org) Received: from eastasia.home.utahime.org (eastasia.home.utahime.org [192.168.174.1]) by utahime.as.wakwak.ne.jp (Postfix) with ESMTP id 388B319C for ; Mon, 18 Nov 2002 10:22:44 +0900 (JST) Received: from localhost (eastasia.home.utahime.org [192.168.174.1]) by eastasia.home.utahime.org (Postfix) with ESMTP id 18FF3A7B for ; Mon, 18 Nov 2002 10:22:43 +0900 (JST) Date: Mon, 18 Nov 2002 10:22:18 +0900 (JST) Message-Id: <20021118.102218.35789518.yasu@utahime.org> To: freebsd-security@freebsd.org Subject: Re: ANNOUNCE: FreeBSD Security Advisory FreeBSD-SA-02:40.kadmind From: KIMURA Yasuhiro In-Reply-To: <200211130406.gAD46ZFu008072@freefall.freebsd.org> References: <200211130406.gAD46ZFu008072@freefall.freebsd.org> Organization: Utahime no Mori X-Mailer: Mew version 3.1rc2 on Emacs 21.2 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> FreeBSD Security Advisories wrote: > V. Solution (snip) > 2) To patch your present system: (snip) > b) Execute the following commands as root: > # cd /usr/src > # patch < /path/to/patch > # cd /usr/src/kerberos5/libexec/k5admind > # make depend && make all install > # cd /usr/src/kerberosIV/usr.sbin/kadmind > # make depend && make all install I tried instructions above on my 4.7-RELEASE pc and failed to build k5admind and kandmind. sugar# cd /usr/src/kerberos5/libexec/k5admind/ sugar# make depend && make all install mkdir kadm5 cp /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5/private.h kadm5/private.h cp /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5/admin.h kadm5/admin.h test -e /usr/src/kerberos5/libexec/k5admind/kadm5_err.et || ln -sf /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5/kadm5_err.et compile_et kadm5_err.et cd /usr/src/kerberos5/libexec/k5admind/kadm5 && ln -sf ../kadm5_err.h rm -f .depend mkdep -f .depend -a -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/include -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/roken -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/krb5 -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/asn1 -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/sl -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/kadm5 -I/usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin -I/usr/src/kerberos5/libexec/k5admind/../../lib/libasn1 -I/usr/src/kerberos5/libexec/k5admind/../../lib/libhdb -I/usr/src/kerberos5/libexec/k5admind -I/usr/src/kerberos5/libexec/k5admind/../../include -DHAVE_CONFIG_H -DKRB5_KRB4_COMPAT -DKRB4 -DINET6 /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmind.c /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/server. c /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadm_conn.c /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/version4.c In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92, from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmind.c:34: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmind.c:34: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92, from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/server.c:34: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/server.c:34: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92, from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadm_conn.c:34: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadm_conn.c:34: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:92, from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/version4.c:33: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:39: hdb_err.h: No such file or directory /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/lib/hdb/hdb.h:41: hdb_asn1.h: No such file or directory In file included from /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/version4.c:33: /usr/src/kerberos5/libexec/k5admind/../../../crypto/heimdal/kadmin/kadmin_locl.h:93: hdb_err.h: No such file or directory mkdep: compile failed *** Error code 1 Stop in /usr/src/kerberos5/libexec/k5admind. sugar# cd /usr/src/kerberosIV/usr.sbin/kadmind/ sugar# make depend && make all install rm -f .depend mkdep -f .depend -a -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/include -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/roken -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/sl -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/acl -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/kadm -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/kdb -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/lib/krb -I/usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin -I/usr/src/kerberosIV/usr.sbin/kadmind/../../lib/libkadm -I/usr/src/kerberosIV/usr.sbin/kadmind/../../lib/libkrb -I/usr/src/kerberosIV/usr.sbin/kadmind/../include -I/usr/src/kerberosIV/usr.sbin/kadmind/../../include -DHAVE_CONFIG_H -I/usr/src/kerberosIV/usr.sbin/kadmind/../../include -DBINDIR=\"/usr/bin\" -DSBINDIR=\"/usr/sbin\" -DLIBEXECDIR=\"/usr/libexec\" /usr/src/ker berosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_server.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_funcs.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/admin_server.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_ser_wrap.c /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/pw_check.c In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_server.c:26: /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_funcs.c:31: /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/admin_server.c:31: /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_ser_wrap.c:31: /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory In file included from /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/pw_check.c:34: /usr/src/kerberosIV/usr.sbin/kadmind/../../../crypto/kerberosIV/kadmin/kadm_locl.h:38: protos.h: No such file or directory mkdep: compile failed *** Error code 1 Stop in /usr/src/kerberosIV/usr.sbin/kadmind. sugar# Are there anything else that I should do to patch my 4.7R system? And one more question. This adovisary says: > The k5admind server is installed as part of the `krb5' distribution, > or when building from source with MAKE_KERBEROS5 set. The kadmind > server is installed as part of the `krb4' distribution, or when > building from source with MAKE_KERBEROS4 set. Neither is installed by > default. But both k5admind and kadmind are installed on my 4.7R systems. sugar# ls -l /usr/sbin/kadmind -r-xr-xr-x 1 root wheel 21808 Oct 9 21:51 /usr/sbin/kadmind sugar# ls -l /usr/libexec/k5admind -r-xr-xr-x 1 root wheel 19704 Oct 9 21:55 /usr/libexec/k5admind sugar# I selected "X-Developer" when I install these systems. Isn't it the "default installation" describled above? --- KIMURA Yasuhiro Mail: yasu@utahime.org WWW: http://www.utahime.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message