From owner-freebsd-i386@FreeBSD.ORG Thu Oct 14 05:30:09 2010 Return-Path: Delivered-To: freebsd-i386@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6F77E106564A for ; Thu, 14 Oct 2010 05:30:09 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 350098FC14 for ; Thu, 14 Oct 2010 05:30:08 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o9E5U8jQ049144 for ; Thu, 14 Oct 2010 05:30:08 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o9E5U8vK049139; Thu, 14 Oct 2010 05:30:08 GMT (envelope-from gnats) Resent-Date: Thu, 14 Oct 2010 05:30:08 GMT Resent-Message-Id: <201010140530.o9E5U8vK049139@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-i386@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Martin Schweizer Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7E4F1106564A for ; Thu, 14 Oct 2010 05:21:29 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 6CFA38FC0C for ; Thu, 14 Oct 2010 05:21:29 +0000 (UTC) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o9E5LSOP047022 for ; Thu, 14 Oct 2010 05:21:28 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id o9E5LSnP047021; Thu, 14 Oct 2010 05:21:28 GMT (envelope-from nobody) Message-Id: <201010140521.o9E5LSnP047021@www.freebsd.org> Date: Thu, 14 Oct 2010 05:21:28 GMT From: Martin Schweizer To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: i386/151444: Kerberos5 is broken in the base system from 8.1 (i386) X-BeenThere: freebsd-i386@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: I386-specific issues for FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Oct 2010 05:30:09 -0000 >Number: 151444 >Category: i386 >Synopsis: Kerberos5 is broken in the base system from 8.1 (i386) >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Oct 14 05:30:07 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Martin Schweizer >Release: FreeBSD 8.1 Release >Organization: PC-Service M. Schweizer GmbH >Environment: FreeBSD acsvfbsd04.acutronic.ch 8.1-RELEASE FreeBSD 8.1-RELEASE #2: Wed Oct 13 23:46:17 CEST 2010 martin@acsvfbsd04.acutronic.ch:/usr/obj/usr/src/sys/GENERIC i386 >Description: The kerberos5 system in the base is only under FreeBSD 8.1 Release i386 (not under amd64 and also not in earlier releases) broken. kinit it works. Also compile the source without kerberos5 and use heimdal from ports is not a solution because it works also not. There are different threads in the past months about this (gssapi segfault): - http://docs.freebsd.org/mail/archive/2010/freebsd-stable/20100725.freebsd-stable.html - http://docs.freebsd.org/mail/archive/2010/freebsd-stable/20100718.freebsd-stable.html Here are my threads: - http://docs.freebsd.org/mail/archive/2010/freebsd-stable/20101003.freebsd-stable.html (Kerberos/SASL) Since I'm not a programmer I can not give you more debug details. I also checked the saslauthd with truss. There I found that kerberos will check each time a directory which is called /usr/lib/plugin/krb5 but isn't existend. I did not found any information what kerberos here is looking for. >How-To-Repeat: Cyrus sasl (newest verison) with saslauth -a kerberos5. >Fix: It works with -a pam, but you need a long outstanding patch (http://www.freebsd.org/cgi/query-pr.cgi?pr=76678&cat=)! >Release-Note: >Audit-Trail: >Unformatted: