Date: Thu, 02 Jun 2005 13:04:56 +0200 From: fandino <fandino@ng.fadesa.es> To: freebsd-ports@FreeBSD.org Cc: freebsd-stable@FreeBSD.org Subject: Re: kadmin (heimdal port) ignores the ldap backend Message-ID: <429EE7D8.4050900@ng.fadesa.es> In-Reply-To: <09783236@srv.sem.ipt.ru> References: <429D8B3B.50203@ng.fadesa.es> <29469499@srv.sem.ipt.ru> <429DE188.5020908@ng.fadesa.es> <09783236@srv.sem.ipt.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Boris Samorodov wrote: >>>Do you build FreeBSD with Kerberos support? There may be system > >>Yes, it was builded with Kerberos(0.6.3) and the heimdal port > > Aha, thus you install system libraries to /usr/lib etc... > >>(0.6.3) was also installed in order to get ldap support for heimdal > > ...and those libraries from the port install to /usr/local/lib... correct. >>kerberos without getting messed with the system kerberos. > > ...and finally get it messed. sometimes the longest way is _really_ the hardest way ;-) >>>libraries located earlier in LDD_PATH which kadmin uses. Try ktrace >>>and kdump to see which libraries are used at run-time. > >>you have found something interesting, this strace[1] shows us >>that /usr/local/sbin/kadmin (the port kadmin binary) is using >>"/usr/local/lib/libkadm5clnt.so.6" and "/usr/lib/libkadm5srv.so.7" >>could libkadm5srv be the culprit (now I haven't access to this box)? > > I think this is the point. > >>how I can force /usr/local/sbin/kadmin to use the port library >>and not the system library? > > 1. The main idea is to force search at /usr/local/lib before > /usr/lib ..... I removed temporally all /usr/lib/libkadm5srv* libraries and as results kadmin was forced to load /usr/local libraries, but I get the same problem :-( http://195.55.55.164/tests/FreeBSD/kdump.txt again kadmin doesn't use ldap and fallback to database files. > 2. Set HEIMDAL_HOME=/usr at /etc/make.conf. So the local_base for the > port is /usr. But then you won't get installed some docs (and maybe > some more files). (Hey, is port broken?) > > Yes, this will replace your system files. But there won't be a > mess. ;-) And, yes, you'll have to reinstall the port after system > upgrade. > > Hence, all versions are rather more a hack then even a workaround, not > to say a solution. I will try that, but I'm afraid it doesn't work because in the anterior test the correct libraries were used and the problem persists. > Who can give us a good solution? Anyone knows how to use ldap as backend for the heimdal port in FreeBSD?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?429EE7D8.4050900>