From owner-freebsd-ports@FreeBSD.ORG Wed Jun 1 16:25:47 2005 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7244B16A41C for ; Wed, 1 Jun 2005 16:25:47 +0000 (GMT) (envelope-from fandino@ng.fadesa.es) Received: from tierra2.ng.fadesa.es (tierra2.ng.fadesa.es [195.55.55.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id D8B0C43D4C for ; Wed, 1 Jun 2005 16:25:46 +0000 (GMT) (envelope-from fandino@ng.fadesa.es) Received: from [195.55.55.163] ([195.55.55.163]) (authenticated bits=0) by tierra2.ng.fadesa.es (8.12.10/8.12.10) with ESMTP id j51GPknZ008300 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 1 Jun 2005 18:25:46 +0200 Message-ID: <429DE188.5020908@ng.fadesa.es> Date: Wed, 01 Jun 2005 18:25:44 +0200 From: fandino User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050319 X-Accept-Language: gl, en, es MIME-Version: 1.0 To: freebsd-ports@freebsd.org References: <429D8B3B.50203@ng.fadesa.es> <29469499@srv.sem.ipt.ru> In-Reply-To: <29469499@srv.sem.ipt.ru> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authenticated-Sender: user fandino from 195.55.55.163 Subject: Re: kadmin (heimdal port) ignores the ldap backend X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: fandino@ng.fadesa.es List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Jun 2005 16:25:47 -0000 Boris Samorodov wrote: > On Wed, 01 Jun 2005 12:17:31 +0200 fandino wrote: >> I'm testing a new configuration with heimdal and the ldap backend >>but kadmin is completely ignoring the ldap directive in the dbname >>definition. ... >>when the realm is initied kadmin creates a couple of files with the literal >>dbname definition (adding ldap: as filename prefix) instead of contacting >>the openldap server. > > >># /usr/local/sbin/kadmin -l >>kadmin> init OLIMPUS >>Realm max ticket life [unlimited]: >>Realm max renewable ticket life [unlimited]: >># ls -l >>... >>-rw------- 1 root wheel 32768 May 31 10:19 ldap:ou=gods,dc=olimpus.db >>-rw------- 1 root wheel 7584 May 31 10:19 ldap:ou=gods,dc=olimpus.log >>... >>anyone knows what I'm missing? > > What version of FreeBSD do you have? 5.4-RELEASE has heimdal 0.6.3 at > the base system. I'm using 5.4-RELEASE. > Do you build FreeBSD with Kerberos support? There may be system Yes, it was builded with Kerberos(0.6.3) and the heimdal port (0.6.3) was also installed in order to get ldap support for kerberos without getting messed with the system kerberos. > libraries located earlier in LDD_PATH which kadmin uses. Try ktrace > and kdump to see which libraries are used at run-time. you have found something interesting, this strace[1] shows us that /usr/local/sbin/kadmin (the port kadmin binary) is using "/usr/local/lib/libkadm5clnt.so.6" and "/usr/lib/libkadm5srv.so.7" could libkadm5srv be the culprit (now I haven't access to this box)? how I can force /usr/local/sbin/kadmin to use the port library and not the system library? Thanks you. [1] http://195.55.55.164/tests/FreeBSD/strace.txt