From owner-freebsd-security@FreeBSD.ORG Mon Aug 4 23:01:34 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD07437B401 for ; Mon, 4 Aug 2003 23:01:34 -0700 (PDT) Received: from pimout1-ext.prodigy.net (pimout1-ext.prodigy.net [207.115.63.77]) by mx1.FreeBSD.org (Postfix) with ESMTP id EED4543FA3 for ; Mon, 4 Aug 2003 23:01:33 -0700 (PDT) (envelope-from metrol@metrol.net) Received: from adsl-67-121-60-9.dsl.anhm01.pacbell.net (adsl-67-121-60-9.dsl.anhm01.pacbell.net [67.121.60.9])h7561WIK052490 for ; Tue, 5 Aug 2003 02:01:32 -0400 From: Michael Collette To: FreeBSD Security Date: Mon, 4 Aug 2003 22:57:01 -0700 User-Agent: KMail/1.5.3 References: <200307301553.40385.metrol@metrol.net> <200308041626.41760.metrol@metrol.net> <20030804220217.U21076@seekingfire.com> In-Reply-To: <20030804220217.U21076@seekingfire.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200308042257.01280.metrol@metrol.net> Subject: Re: Kerberos to file server X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Aug 2003 06:01:35 -0000 On Monday 04 August 2003 09:02 pm, Tillman wrote: > On Mon, Aug 04, 2003 at 04:26:41PM -0700, Michael Collette wrote: > > The FreeBSD Handbook has a Kerberos tutorial, but it's apparently out of > > date or something just ain't right. > > http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kerberos.html > > > > First thing it asks me to do is initialize the Kerberos database with the > > "kdb_init" command. I don't have a kdb_init command on this system. I > > then just installed the krb5 port, and it doesn't have that command > > either. Double checked the package list. > > > > It looks like a number of things don't match up to the tutorial. Is > > there some new procedure out there to configure a Kerberos enabled > > machine, or am I just missing some key component in a perfectly fine > > tutorial? > > > > Thanks, > > The handbook is out of date -- it cover Kerberos 4, not 5. Check out my > previous posting to the questions@ list on the topic: > > http://www.mail-archive.com/freebsd-questions@freebsd.org/msg19447.html > > -T I have been looking at those docs. The part I don't get are the file paths involved, as they're very non-FreeBSD'ish. /usr/local/var?? Do I need to alter environment variables to put things into their proper places, or create the directories that it expects? I would expect config files for a port to be in /usr/local/etc/krb5 or some such. BTW, working with the MIT version now, since installing the port and all. Also got the pam_krb5 port in there as well. I think I'm about ready to really muck this thing up once I understand what all I need to do about file paths. Later on, -- "In theory, there is no difference between theory and practice. In practice, there is." - Yogi Berra