From owner-freebsd-ports@FreeBSD.ORG Thu Jun 2 11:05:12 2005 Return-Path: X-Original-To: freebsd-ports@FreeBSD.org Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 55E8A16A41C; Thu, 2 Jun 2005 11:05:12 +0000 (GMT) (envelope-from fandino@ng.fadesa.es) Received: from tierra2.ng.fadesa.es (tierra2.ng.fadesa.es [195.55.55.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id 985F343D4C; Thu, 2 Jun 2005 11:05:01 +0000 (GMT) (envelope-from fandino@ng.fadesa.es) Received: from [195.55.55.163] ([195.55.55.163]) (authenticated bits=0) by tierra2.ng.fadesa.es (8.12.10/8.12.10) with ESMTP id j52B4unZ015261 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 2 Jun 2005 13:04:57 +0200 Message-ID: <429EE7D8.4050900@ng.fadesa.es> Date: Thu, 02 Jun 2005 13:04:56 +0200 From: fandino User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050319 X-Accept-Language: gl, en, es MIME-Version: 1.0 To: freebsd-ports@FreeBSD.org References: <429D8B3B.50203@ng.fadesa.es> <29469499@srv.sem.ipt.ru> <429DE188.5020908@ng.fadesa.es> <09783236@srv.sem.ipt.ru> In-Reply-To: <09783236@srv.sem.ipt.ru> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Authenticated-Sender: user fandino from 195.55.55.163 Cc: freebsd-stable@FreeBSD.org Subject: Re: kadmin (heimdal port) ignores the ldap backend X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: fandino@ng.fadesa.es List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Jun 2005 11:05:12 -0000 Boris Samorodov wrote: >>>Do you build FreeBSD with Kerberos support? There may be system > >>Yes, it was builded with Kerberos(0.6.3) and the heimdal port > > Aha, thus you install system libraries to /usr/lib etc... > >>(0.6.3) was also installed in order to get ldap support for heimdal > > ...and those libraries from the port install to /usr/local/lib... correct. >>kerberos without getting messed with the system kerberos. > > ...and finally get it messed. sometimes the longest way is _really_ the hardest way ;-) >>>libraries located earlier in LDD_PATH which kadmin uses. Try ktrace >>>and kdump to see which libraries are used at run-time. > >>you have found something interesting, this strace[1] shows us >>that /usr/local/sbin/kadmin (the port kadmin binary) is using >>"/usr/local/lib/libkadm5clnt.so.6" and "/usr/lib/libkadm5srv.so.7" >>could libkadm5srv be the culprit (now I haven't access to this box)? > > I think this is the point. > >>how I can force /usr/local/sbin/kadmin to use the port library >>and not the system library? > > 1. The main idea is to force search at /usr/local/lib before > /usr/lib ..... I removed temporally all /usr/lib/libkadm5srv* libraries and as results kadmin was forced to load /usr/local libraries, but I get the same problem :-( http://195.55.55.164/tests/FreeBSD/kdump.txt again kadmin doesn't use ldap and fallback to database files. > 2. Set HEIMDAL_HOME=/usr at /etc/make.conf. So the local_base for the > port is /usr. But then you won't get installed some docs (and maybe > some more files). (Hey, is port broken?) > > Yes, this will replace your system files. But there won't be a > mess. ;-) And, yes, you'll have to reinstall the port after system > upgrade. > > Hence, all versions are rather more a hack then even a workaround, not > to say a solution. I will try that, but I'm afraid it doesn't work because in the anterior test the correct libraries were used and the problem persists. > Who can give us a good solution? Anyone knows how to use ldap as backend for the heimdal port in FreeBSD?