-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm putting up a KDC (krb5-1.4.2) on a Solaris 10 system, an OS that is new to me (I've installed MIT K5 on Solaris 8 and 9 and other systems). It seems that kpropd won't start correctly from inetd.conf, though if I run it standalone (-S option) it works fine.
Our sysadmin talked to Sun support, who suggested contacting the 'vendor' (that's you folks!) about whether there's a special way to start kpropd as a service. I suspect there isn't, but our Unix sysadmin doesn't know why it's not working. What is apparently happening is that when I connect to port 754 from the master KDC, /usr/lib/krb5/kpropd (the Solaris version) gets launched, rather than /usr/local/kerberos/sbin/kpropd (the MIT version). And, of course, the former doesn't work since it doesn't know about my (MIT) Kerberos configuration. But /etc/inetd.conf has the following entry: krb5_prop stream tcp nowait root /usr/local/kerberos/sbin/kpropd kpropd The sympton I get on the kprop client end is a message that authentication to the server failed. Which I'd expect if the native Solaris kpropd is being run instead of MIT's kropd. I know that Solaris 10 introduces the 'smf' facility for managing services, so I figure this has something to do with the problem. But so far our sysadmin, and our Sun contact apparently, has nothing further to suggest. The sysadmin has tried several times to 'refresh' inetd via smf commands, to no avail. Any ideas? Thanks. Mike _________________________________________________________________________ Mike Friedman IST/System and Network Security [EMAIL PROTECTED] 2484 Shattuck Avenue 1-510-642-1410 University of California at Berkeley http://socrates.berkeley.edu/~mikef http://security.berkeley.edu _________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQA/AwUBRQi+ha0bf1iNr4mCEQK9dQCcC/u1kl4y7tG8J7iNPJdqF7D+tdwAoLR2 oXGor6+zQiOo9uYFkndhZjym =3kNr -----END PGP SIGNATURE----- ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
