On Tue, Jun 26, 2012 at 6:34 PM, Benjamin Kaduk <[email protected]> wrote: > On Tue, 26 Jun 2012, Andrew Deason wrote: > >> On Tue, 26 Jun 2012 14:29:04 -0700 >> Tim Gustafson <[email protected]> wrote: >> >>> I was able to get past this problem by using FreeBSD's Kerberos >>> server. I was previously trying to integrate with our MIT Kerberos >>> server, but that seems to be problematic. >> >> >> To be clear, that previous error should not be caused by any interaction >> with the KDC; that is an error reached while just looking at the local >> filesystem. It could have been triggered by troubles with the key >> extraction, though. >> >>> So, I set up FreeBSD Kerberos and now I've gotten to this command: >>> >>> root@host: pts createuser -name tjg -id 1234 -localauth >>> pts: Couldn't read/write the database ; unable to create user tjg with id >>> 1234 >> >> >> Can you read from the database ('pts examine system:anyuser')? Is there >> anything in PtLog? I don't know where PtLog is with the paths the >> FreeBSD port uses, but it's wherever the other logs are. Can you check >> that prdb.DB0 and prdb.DBSYS exist, and appear to be writeable by root? >> I'm not sure where these are in the FreeBSD port, either, but they > > > At the moment, they are not initialized at all by the packaging, and I'm not > entirely sure where the binaries would be looking for them. truss(1) should > know, though. > > >> should be in a /var/lib-like location. > > > I am told that you will need to use pt_util to initialize a protection > database as part of setting up a server.
pts includes localauth support; pt_util would only be needed if you wanted to emit a specific pts database to start with, without anything interactive. -- Derrick _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
