Date:      Sun, 23 Nov 2014 01:21:59 +1000
From:      R Skinner <rocky@herveybayaustralia.com.au>
To:        cy@FreeBSD.org
Cc:        ports@FreeBSD.org
Subject:   FreeBSD Port: krb5-1.13
Message-ID:  <5470AA17.4040008@herveybayaustralia.com.au>

An interesting point came up in one of my ventures - I was trying to set 
up a kerberos system with ldap for authentication/authorisation, 
therefore using ldap as the backend for the kerberos.

I ran make install clean from ports and set ldap options in the config, 
then tried to get it all running using some docs and tutorials I googled 
up. All of them mention a kerberos.schema file needed in openldap/schema/.

So I started hunting for it; couldn't find it. Looked online at various 
sites (including mit) and it is mentioned, but all information pointed 
to it being available under share/doc/ in some form. But to my chagrin, 
it was not to be found at all. Now I've really got my challenge on, so I
look deeper.

I checked the plist file and it is not mentioned, though one would think 
it would be if ldap is set in the config. I looked all through near 
every file, ran find commands; all no good. I then run make again and 
attempt to see if it is actually shipped with the tar ball. Finally, 
looking deep in the extracted and built directory (not staged, mind) I 
finally find my kerberos.schema, as well as a kerberos.ldif, in 
krb5-1.13/src/plugins/kdb/ldap/libkdb_ldap/.

Now that I've narrated my little adventure, I'm left kinda curious as to 
why, if ldap is selected as an option in config, _and_ if this schema is 
so critical to the operation of ldap as a backend to kerberos (maybe 
even heimdal too), then why are these files simply discarded rather than 
installed, leaving someone like myself frustrated and mystified? :) I 
imagine many would simply give up or try and jerry rig something by this 
point, but for it to be right there...

Any chance for a fix on this? I think I may have even tried to do this 
several years ago as well and gave up because of this same issue 
(although I think I may have been looking at heimdal at the time, so 
same issue could still be there too); had to put it in the too hard 
basket at the time due to temporal deficiencies...

Cheers


