From owner-freebsd-hackers@FreeBSD.ORG Wed Feb 15 19:08:53 2012 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E7BE3106566B for ; Wed, 15 Feb 2012 19:08:52 +0000 (UTC) (envelope-from ansarm@gmail.com) Received: from mail-pw0-f54.google.com (mail-pw0-f54.google.com [209.85.160.54]) by mx1.freebsd.org (Postfix) with ESMTP id BFD238FC14 for ; Wed, 15 Feb 2012 19:08:52 +0000 (UTC) Received: by pbcxa7 with SMTP id xa7so1910131pbc.13 for ; Wed, 15 Feb 2012 11:08:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=RjFH6tH2sG/pgnmC2VNhKOQOaOalh8hrErniUcD6Kac=; b=RtbXR1kczfvGTulcVRad1Vtsx20IcbI/NQ+jFycpxfdo6vjANFWcaWgyEYnE3Tv39L kw1kof8CTb60vpn2LD+vGYKbKaTsnbA9l1nfmH3gyS+/7YK5HrBYFKVzEaR3TlIqA+P5 PXWJnAjigWK3ZLF3/oETqr73BfsLduPT9G2Tg= MIME-Version: 1.0 Received: by 10.68.208.136 with SMTP id me8mr6278598pbc.55.1329332932422; Wed, 15 Feb 2012 11:08:52 -0800 (PST) Received: by 10.68.23.74 with HTTP; Wed, 15 Feb 2012 11:08:52 -0800 (PST) In-Reply-To: References: <487167524.1045003.1328751695510.JavaMail.root@erie.cs.uoguelph.ca> Date: Wed, 15 Feb 2012 14:08:52 -0500 Message-ID: From: Ansar Mohammed To: Rick Macklem Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-hackers@freebsd.org, Benjamin Kaduk Subject: Re: Kerberos and FreeBSD X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Feb 2012 19:08:53 -0000 Going back on this topic, it seems that there are alot of things that are being shipped with FreeBSD that I am not sure we need in the base distribution. Does anyone use portalfs? On Fri, Feb 10, 2012 at 3:54 AM, Ansar Mohammed wrote: > Thanks for the feedback. > I built world and disabled Kerberos in src.conf. > > I will just install Heimdal via ports now. > > There seems to be alot of other rather old bits of software in a > default installation. I noticed some old digiboard utility in a base > 9.0 build. > > On Wed, Feb 8, 2012 at 5:41 PM, Rick Macklem wrote= : >> Benjamin Kaduk wrote: >>> On Wed, 8 Feb 2012, Ansar Mohammed wrote: >>> >>> > Hello All, >>> > Is the port of Heimdal on FreeBSD being maintained? The version that >>> > ships with 9.0 seems a bit old. >>> > >>> > #> /usr/libexec/kdc-v >>> > kdc (Heimdal 1.1.0) >>> > Copyright 1995-2008 Kungliga Tekniska H=F6gskolan >>> > Send bug-reports to heimdal-bugs@h5l.org >>> >>> My understanding is that every five years or so, someone becomes fed >>> up >>> enough with the staleness of the "current" version and puts in the >>> effort >>> to merge in a newer version. >>> It looks like 3 years ago, dfr brought in that Heimdal 1.1 you see, to >>> replace the Heimdal 0.6 that nectar brought in 8 years ago. >>> I don't know of anyone with active plans to bring in a new version, at >>> present. >>> >>> -Ben Kaduk >>> >> I think it's a little trickier than it sounds. The Kerberos in FreeBSD >> isn't vanilla Heimdal 1.1, but a somewhat modified variant. >> >> Heimdal libraries have a separate source file for each function, plus >> a source file that defines all global storage used by functions in the >> library. >> One difference w.r.t. the FreeBSD variant that I am aware of is: >> - Some of the functions were moved from one library to another. (I don't >> =A0know why, but maybe it was to avoid a POLA violation which would requ= ire >> =A0apps to be linked with additional libraries?) >> =A0- To do this, some global variables were added to the source file in = the >> =A0 =A0library these functions were moved to. >> As such, if you statically link an app. to both libraries, the global va= riable >> can come up "multiply defined". (I ran into this when I was developing a= "gssd" >> prior to the one introduced as part of the kernel rpc.) You can get arou= nd this >> by dynamically linking, being careful about the order in which the libra= ries are >> specified. (The command "krb5-config --libs" helps w.r.t. this.) >> >> I don't know what else was changed, but I do know that it isn't as trivi= al as >> replacing the sources with ones from a newer Heimdal release. >> >> I think it would be nice if a newer Heimdal release was brought it, with= the >> minimal changes required to make it work. (If that meant that apps. need= ed more >> libraries, the make files could use "krb5-config --libs" to handle it, I= think?) >> >> Oh, and I'm not volunteering to try and do it;-) rick >>