Re: kadmin (heimdal port) ignores the ldap backend
Boris Samorodov wrote: On Mon, 06 Jun 2005 13:59:48 +0200 fandino wrote: ok, I see two possibles fixes: 1) set NO_KERBEROS in /etc/make.conf, it seems more painless solution than making wrapper scripts around kadmin, kdc, kpasswd and all kerberized programs. You'll get non-kerberized apps. One of the most important is sshd. Those from port uses imho MIT Kerberos implementation. you are right here. 2) also setting HEIMDAL_HOME=/usr at /etc/make.conf can be another solution. Now, to send a problem report to the heimdal maintainer port I think 2) is better because it's easier overwrite the base system than locate and remove several files. This one is better. ok, I will send this as the suggested solution. And what about doing as-is now but changing LD_SEARCH order? I'm not sure about the implications of changing LD_SEARCH order because some ports are present in the base system and in the ports collection (sendmail, openssl, named,...) and I'm afraid of not so obvious combinations. Regards. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: kadmin (heimdal port) ignores the ldap backend
Scot Hetzel wrote: I believe you have to set NO_KERBEROS in /etc/make.conf. Then rebuild install the FreeBSD sources in /usr/src. Then after the installworld, you'll need to go to the /usr/lib directory and move/remove all libs that are older than the date of the install. ok, I see two possibles fixes: 1) set NO_KERBEROS in /etc/make.conf, it seems more painless solution than making wrapper scripts around kadmin, kdc, kpasswd and all kerberized programs. 2) also setting HEIMDAL_HOME=/usr at /etc/make.conf can be another solution. Now, to send a problem report to the heimdal maintainer port I think 2) is better because it's easier overwrite the base system than locate and remove several files. what do you think about this? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: kadmin (heimdal port) ignores the ldap backend
Boris Samorodov wrote: I removed temporally all /usr/lib/libkadm5srv* libraries and as results kadmin was forced to load /usr/local libraries, but I get the same problem :-( again kadmin doesn't use ldap and fallback to database files. From your dump: 58516 kadmin CALL access(0x28079000,0) 58516 kadmin NAMI /usr/lib/libhdb.so.7 58516 kadmin RET access 0 58516 kadmin CALL open(0x28076040,0,0xbfbfebcc) 58516 kadmin NAMI /usr/lib/libhdb.so.7 58516 kadmin RET open 3 58516 kadmin CALL fstat(0x3,0xbfbfebcc) 58516 kadmin RET fstat 0 58516 kadmin CALL read(0x3,0x28070c40,0x1000) 58516 kadmin GIO fd 3 read 4096 bytes Thus kadmin is using the system libhdb. The port version shuold be at /usr/local/lib. Effectively /usr/lib/libhdb.so.7 was the cause of the problem. Thank you Boris. I'd like to ask what is the proper way of treat with this conflict? is it unavoidable? is there any solution? Also it'd be interesting if a warning was printed by the port install script advising the consequences of enable LDAP backend in the heimdal port. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: kadmin (heimdal port) ignores the ldap backend
Boris Samorodov wrote: Do you build FreeBSD with Kerberos support? There may be system Yes, it was builded with Kerberos(0.6.3) and the heimdal port Aha, thus you install system libraries to /usr/lib etc... (0.6.3) was also installed in order to get ldap support for heimdal ...and those libraries from the port install to /usr/local/lib... correct. kerberos without getting messed with the system kerberos. ...and finally get it messed. sometimes the longest way is _really_ the hardest way ;-) libraries located earlier in LDD_PATH which kadmin uses. Try ktrace and kdump to see which libraries are used at run-time. you have found something interesting, this strace[1] shows us that /usr/local/sbin/kadmin (the port kadmin binary) is using /usr/local/lib/libkadm5clnt.so.6 and /usr/lib/libkadm5srv.so.7 could libkadm5srv be the culprit (now I haven't access to this box)? I think this is the point. how I can force /usr/local/sbin/kadmin to use the port library and not the system library? 1. The main idea is to force search at /usr/local/lib before /usr/lib . I removed temporally all /usr/lib/libkadm5srv* libraries and as results kadmin was forced to load /usr/local libraries, but I get the same problem :-( http://195.55.55.164/tests/FreeBSD/kdump.txt again kadmin doesn't use ldap and fallback to database files. 2. Set HEIMDAL_HOME=/usr at /etc/make.conf. So the local_base for the port is /usr. But then you won't get installed some docs (and maybe some more files). (Hey, is port broken?) Yes, this will replace your system files. But there won't be a mess. ;-) And, yes, you'll have to reinstall the port after system upgrade. Hence, all versions are rather more a hack then even a workaround, not to say a solution. I will try that, but I'm afraid it doesn't work because in the anterior test the correct libraries were used and the problem persists. Who can give us a good solution? Anyone knows how to use ldap as backend for the heimdal port in FreeBSD? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
re(4) and half-duplex -- FreeBSD 5.4-RC4
Hello, I was trying to connect a FreeBSD box with an integrated realtek network card to a hub but the re driver is unable to set the card in half-duplex: # ifconfig re0 inet 10.20.30.40 netmask 255.255.255.0 mtu 1492 media 10baseT/UTP mediaopt half-duplex up ifconfig: SIOCSIFMEDIA (mediaopt): Device not configured # # ifconfig re0 inet 10.20.30.40 netmask 255.255.255.0 mtu 1492 media 10baseT/UTP mediaopt full-duplex up # however, the man page for this driver states that both modes are supported: [] The re driver supports the following media options: full-duplex Force full duplex operation. half-duplex Force half duplex operation. [] because this I have a lot of collisions in the hub port. I think either the re driver is unable to manage half-duplex on this chip or simply the man page is wrong. Regards. /-/ re0: RealTek 8169S Single-chip Gigabit Ethernet port 0x8c00-0x8cff mem 0xe1006000-0xe10060ff irq 16 at device 11.0 on pci1 miibus0: MII bus on re0 rgephy0: RTL8169S/8110S media interface on miibus0 rgephy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 1000baseTX-FDX, auto re0: Ethernet address: 00:0d:61:78:cf:2f ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]