[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
[Expired for krb5 (Ubuntu) because there has been no activity for 60 days.] ** Changed in: krb5 (Ubuntu) Status: Incomplete = Expired -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
It doesn't matter if debconf used or not. /etc/ldap.conf is overwritten in all cases with a new, sometimes partly correct (as changed by me) version (server names are correct, but not selection rules), sometimes at whole. Recovering is easy: just take a /etc/ldap.conf from on of your working servers and copy it over. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
Thomas I'm not sure that /etc/ldap.conf is installed by libpam-ldapd - it will certainly try to parse /etc/ldap.conf if it exists on upgrade but by default its configuration is installed in /etc/nslcd.conf. This change happened in 2009 so I think its un-related to what you are seeing. With regards to /etc/ldap/ldap.conf - yes libldap-2.4-2 does install that package but as its registered as a config file it should not have tried to overwrite your localized changed. Do you happen to have upgrade logs for one of the installations where you see this issue? They should be in /var/log/dist-upgrade. This might help shed more light on this problem Thanks -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
Hi Thomas Thanks again for the extra information. /etc/ldap/ldap.conf is classified as a configuration file so package changes to this file should not overwrite you local changes without prompting. However looking at this file it had not been changed between oneiric and precise so I'm not quite sure why you are hitting this issue (I have not been able to reproduce this locally following the same upgrade path). Please could you check the package ownership of this files by running the following commands: dpkg -S /etc/ldap/ldap.conf dpkg -S /etc/ldap.conf Please post the output in the bug report. Thanks -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
# dpkg -S /etc/ldap/ldap.conf libldap-2.4-2: /etc/ldap/ldap.conf # dpkg -S /etc/ldap.conf dpkg-query: no path found matching pattern /etc/ldap.conf. For /etc/ldap/ldap.conf package libldap-2.4-2 has installed it. While /etc/ldap.conf does not have a candidate, but it is installed by libpam- ldapd. /etc/ldap/ldap.conf is used by various ldap tools to set defaults, while /etc/ldap.conf instructs pam how to read the ldap- database for user information. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
** Changed in: krb5 (Ubuntu) Importance: Undecided = Low -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
Hi Thomas Looking at the title of this bug 'kerberos auth doesn't work because of kerberos server not found' - I'm struggling to see what the bug actually is as this sounds like reasonable behavior. Is this related to bug 971046 that you raised? It would be good to understand how these issues relate to each other and get a better view of your overall configuration so we can try to triage this bug (and the others) more effectively. ** Changed in: krb5 (Ubuntu) Status: New = Incomplete -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
I was looking in the wrong direction, because of kerberos errors, after upgrading from oneiric to precise. This bug is not related to kerberos, but to OpenLDAP. OpenLDAP has two configuration files for authenticating against a ldap-server: /etc/ldap/ldap.conf -- used by nsswitch /etc/ldap.conf -- used by other tools including kerberos, if kerberos data is stored in ldap. Both of these files are overwritten by do-release-upgrade -d, breaking the connection to your ldap-server. In tune kerberos can't read it's database (stored in ldap) any more, while the connection is not broken, because /etc/krb5.conf holds the necessary information. But Informations for authenticating kerberos against ldap are stored in /etc/ldap/ldap.conf and these are lost. The error messages kerberos exausts lead in a false direction. Resoring the files /etc/ldap/ldap.conf and /etc/ldap.conf solves the problem. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 971028] Re: kerberos auth doesn't work because of kerberos server not found
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/971028 Title: kerberos auth doesn't work because of kerberos server not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/971028/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs