>>>>> "mikef" == Mike Friedman <[EMAIL PROTECTED]> writes:
mikef> Just to make sure that my symptoms (described below) were not mikef> related to the fact that I was issuing 'kadmin' on the KDC mikef> itself, I built a 1.3.4 (with patches) on another system and mikef> tried kadmin there. I get the same result: a message that says mikef> Couldn't open log file /var/log/kerberos/kerberos.log: Permission denied mikef> I don't understand why client kadmin is trying to open a log file, mikef> especially with R/W access. It never did this on earlier releases. The kadmin client is built in both a networked form and a local form. kadmin.local needs to run on a KDC host with privileges to read/write the KDB, and the server-side kadm5 library it uses does need to do some logging. The kadmin client code itself is identical; only the library with which it is linked is different. Unfortunately, the kadmin client code cannot easily distinguish between running in local mode on a KDC host and running as a networked client, so it too attempts to open the logfile. Fixing this problem correctly would probably involve giving the kadmin client a means of determining whether it is running as a local client or as a networked client. ---Tom ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
