[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: binding using password from kerberos v
What's in your /etc/krb5.conf and why does it keep trying to find the
nonexistent /usr/local/kerberos/etc/krb5.conf?
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Steven Hodges
> Sent: Monday, January 28, 2002 3:17 PM
> To: openldap-software@OpenLDAP.org
> Subject: binding using password from kerberos v
>
>
> Hello...
>
> I'm having difficulty getting openldap to allow a user to bind by
> checking the userPassword against a kerberos V database. When I
> try to bind in this way, I get a core dump. At this point, I just
> want to see if there are other people currently using this feature
> of openldap, so that I can try to figure out whether it is something
> I have misconfigured or some more general problem with the software.
> If anyone has run into this and solved the problem, I would be most
> grateful for suggestions...
>
> Here are some specifics of my configuration:
>
> openldap 2.0.18
> cyrus sasl 1.5.24
> openssl 0.9.6
> berkeley db 3.2.9
> kerberos V 1.2.2b
> running on Solaris 8
> compiled with Sun cc
>
> configured with the commands:
>
> >CFLAGS="-fast"
>
> >CPPFLAGS="-I/usr/local/include -I/usr/local/ssl/include
> -I/usr/local/kerberos/include"
>
> >LDFLAGS="-s -L/usr/local/lib -R/usr/local/lib -L/usr/local/ssl/lib
> -R/usr/local/ssl/lib -L/usr/local/kerberos/lib -R/usr/local/kerberos/lib"
>
> >./configure --prefix=/usr/local/ldap --enable-kpasswd --enable-spasswd
> --enable-wrappers --enable-dynamic --enable-rlookups --enable-cache
> --with-tls=openssl --with-kerberos=k5 --without-subdir
>
> Contents of the userPassword attribute for the user trying to bind
> is userPassword:
> {KERBEROS}<myUsername>@<myRealm>
>
> Trussing the slapd process, the last things that happen before the
> core dump are:
>
> stat("/etc/krb5.conf", 0xFE981750) = 0
> open("/etc/krb5.conf", O_RDONLY) = 12
> access("/etc/krb5.conf", 2) = 0
> fstat64(12, 0xFE981588) = 0
> brk(0x001713C8) = 0
> brk(0x001733C8) = 0
> ioctl(12, TCGETA, 0xFE981514) Err#25 ENOTTY
> read(12, " [ l i b d e f a u l t s".., 8192) = 449
> brk(0x001733C8) = 0
> brk(0x001753C8) = 0
> read(12, 0x00170BCC, 8192) = 0
> llseek(12, 0, SEEK_CUR) = 449
> close(12) = 0
> stat("/usr/local/kerberos/etc/krb5.conf", 0xFE981750) Err#2 ENOENT
> getpid() = 15575 [1]
> stat("/etc/krb5.conf", 0xFE9817A0) = 0
> stat("/usr/local/kerberos/etc/krb5.conf", 0xFE9817A0) Err#2 ENOENT
> Incurred fault #6, FLTBOUNDS %pc = 0xFF1610A0
> siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
> Received signal #11, SIGSEGV [caught]
> siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
> sigprocmask(SIG_SETMASK, 0xFEC6F010, 0x00000000) = 0
> sigaction(SIGSEGV, 0xFE981338, 0x00000000) = 0
> sigprocmask(SIG_SETMASK, 0xFEC7ADE0, 0x00000000) = 0
> setcontext(0xFE9814F0)
> Incurred fault #6, FLTBOUNDS %pc = 0xFF1610A0
> siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
> Received signal #11, SIGSEGV [default]
> siginfo: SIGSEGV SEGV_MAPERR addr=0x00000014
> *** process killed ***
>
> If I left out relevant info, please ask...
>
> -steve hodges
>