On Thu, Jul 31, 2014 at 3:58 PM, Marcus Crestani < crest...@informatik.uni-tuebingen.de> wrote:
> >>>>>"AD" == Andrew Deason <adea...@sinenomine.net> writes: > AD> If you find yourself at a dead end, you could try running 'dtruss' to > at > AD> least see if it's trying to send packets anywhere, or see what config > AD> files it is reading, if that helps tell you what is going on. > > dtruss and the hint to look at config files helped indeed: I saw that > the only krb5 config file aklog opens by default is > > /var/db/openafs/etc/krb5-weak.conf > > that only contains two lines: > > [libdefaults] > allow_weak_crypto = true > > When I remove /var/db/openafs/etc/krb5-weak.conf, aklog uses our actual > configuration file /etc/krb5.conf and works as it should. > > That's great, thanks! > > Does anybody know why the OpenAFS.pkg installer for OS X installs > krb5-weak.conf? This is a bug, right? > > No. It's supposed to add your config and this one (which is supported) but presumably the logic in aklog which assembles said KRB5_CONF environment is failing somehow. -- D
