Date: Mon, 21 May 2001 10:56:24 -0700 (PDT) From: Peter Losher <Peter.Losher@nominum.com> To: <freebsd-questions@freebsd.org> Subject: Krb5 libs (MIT & Heimdal) | SSH2 & etc. (fwd) Message-ID: <Pine.NEB.4.33.0105211055170.2773-100000@shell1.nominum.com>
next in thread | raw e-mail | index | archive | help
(Originally posted to -stable yesterday, thought I should pass it on here for more input) Hi, I recently started to work on installing a couple of FreeBSD v4.3-STABLE (as of last week) servers. As a part of that installation, I added MIT Kerberos V from ports (in /usr/local/krb5/), and compiled SSH2 (SSH Inc. - I would rather use OpenSSH, but it doen't yet support Krb5 and Krb5TgtPassing, so it's SSH 2.4.0) with Krb5 support. That was fine, until I tried to run sshd: -=- # ./sshd sshd: SSH Secure Shell 2.4.0 (non-commercial version) on i386-unknown-freebsd4.3 /usr/libexec/ld-elf.so.1:/usr/lib/libkrb5.so: Undefined symbol "initialize_asn1_error_table_r" -=- I suspect this is a case of "lib crashing" between the Heimdal Krb5 libs in /usr/lib and the MIT Krb5 libs in /usr/local/krb5/lib. Is there any way to have the MIT Kerberos libraries take precedence in this case? (recompile make buildworld with MAKE_KERBEROS5=NO perhaps?). This is going to become a major problem as (at last check) all the programs that we use for authentication require MIT Kerberos (UW_IMAP, SSH2, etc) and I can't have the integrated Heimdal libs come in and interfere like this. Has anyone faced this situation and how have they dealt with it? <rant> Integrating Kerberos into the core system in the first place was a bad idea. Doing this on 3.x (like the other FreeBSD servers I administer here) was a LOT easier, since I could pick which Krb5 suite I would intstall (MIT or Heimdal), and not have these lib conflicts. With Heimdal integrated in 4.x, that choice (as I see it so far) has been taken away from me. </rant> Best Wishes - Peter -- Peter.Losher@nominum.com - [ Systems Admin. | Nominum, Inc. ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.4.33.0105211055170.2773-100000>