Ralf Hildebrandt <ralf.hildebra...@charite.de> writes:
> * Russ Allbery <r...@debian.org>:

>> Soon, probably in the next release, it will gain a configuration option
>> that does the equivalent of KRB5_TRACE but works in secure contexts.

> Are there any command line tool I could use to find out why the new
> version is unwilling to talk to our ADC infrastructure? Maybe those
> tools could yield a hint. If there are any.

You probably really want a patched version of libpam-krb5 because it's the
verify step that's failing, and I don't think there's a good way to run
that from the command line.

I just tried implementing support for enabling Kerberos library trace
logging in the Git version of pam-krb5, but discovered that the required
function, while publicly prototyped, isn't exported by MIT Kerberos.  I
filed a bug about that in the MIT Kerberos RT.

-- 
Russ Allbery (r...@debian.org)               <http://www.eyrie.org/~eagle/>



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to