It is a problem between Heimdal-Kerberos (built in) and MIT-Kerberos (mac ports)
With Heimdal I need tcp/ in front of my address on the kdc line: kdc = tcp/10.10..... With MIT kerberos if you have tcp/ it's can't read the address. So I can't have a single krb5.conf that works for both. I wish there was a way to make macports kinit use /etc/krb5.conf and make built in Heimdal kerberos use /Library/Preferences/edu.mit.Kerberos . On Thu, Aug 15, 2013 at 10:56 AM, Brandon Allbery <[email protected]>wrote: > On Thu, Aug 15, 2013 at 10:45 AM, Brad Allison <[email protected]>wrote: > >> When I try to kinit using macports kinit it returns "Cannot contact any >> KDC from realm...." >> >> When I try to kinit using default built in kinit (/usr/bin/kinit), it >> works and I can get tickets. >> >> So why is macports kinit broken? >> > > Not actually "broken" although I imagine you won't care about little > details like how /Library/Preferences/edu.mit.Kerberos isn't guaranteed to > be 100% compatible with /etc/krb5.conf these days (because Apple's Kerberos > is from Heimdal); and the cases where they're incompatible are almost > exactly the cases where it can't be automagically translated. There may > also be differences in how the two figure out defaults (e.g. when to use > TCP vs. UDP or which DNS names are looked up when a realm isn't defined in > the config file, there being both legacy TXT and modern SRV entries > possible and each implementation follows different rules). > > If you're lucky you can just "sudo ln -s > /Library/Preferences/edu.mit.Kerberos /etc/krb5.conf". > > -- > brandon s allbery kf8nh sine nomine > associates > [email protected] > [email protected] > unix, openafs, kerberos, infrastructure, xmonad > http://sinenomine.net >
_______________________________________________ macports-users mailing list [email protected] https://lists.macosforge.org/mailman/listinfo/macports-users
