On Mon, Jun 11, 2012 at 05:51:24PM +0200, Leon Meßner wrote: > On Mon, Jun 11, 2012 at 06:26:57PM +0300, Timo Sirainen wrote: > > On 11.6.2012, at 17.43, Leon Meßner wrote: > > > > >> import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME > > >> i > >> KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot > > >> > > >> I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME > > >> environment is being called too late. > > > > > > It's still looking inside the default krb5.keytab . > > > > Which Kerberos library are you using? Maybe it doesn't support this way of > > giving the keytab. > > I'm using the stock FreeBSD 8.2-RELEASE one which is heimdal-1.1.0 . > I will update the machine to 8.3 (which is the latest release in 8.x),
Updating and recompiling did not help. I don't know where to look for the problem though. If i use the kerberos utilities with KRB5_KTNAME the environment variable is beeing picked up ok. 19:22_root@mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab ktutil list /etc/mail3.krb5.keytab: Vno Type Principal 1 des-cbc-crc imap/[email protected] 1 des-cbc-md4 imap/[email protected] 1 des-cbc-md5 imap/[email protected] 1 des3-cbc-sha1 imap/[email protected] 19:34_root@mail3:/usr/ports/mail/dovecot# KRB5_KTNAME=/etc/mail3.krb5.keytab kinit -k imap/mail3.physik-pool.tu-berlin.de 19:39_root@mail3:/usr/ports/mail/dovecot# klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: imap/[email protected] Issued Expires Principal Jun 12 19:39:11 Jun 13 05:39:11 krbtgt/[email protected]
