On Tuesday 01 February 2005 10:30 am, Brian Elliott Finley wrote: > mklibs does pull it in, but on certain systems, including some RedHat > boxes, openssl links against kerberos, which causes it to pull the wrong > library and/or makes things break (think I've got that right -- Jerry > can clarify)
Actually, it links against kerberos on most boxes to get gssapi functionatlity. The problem is, mklibs malfuncitons on some distros (rh9) and tries to pull in libcom_err.so.3.0 from kerberos in place of the 2.x version we (should have but don't) build with e2fsprogs. You can get e2fsprogs to link correctly on rh9 by altering the make .rul file to build the shared libraries for e2fsprogs AND removing /usr/kerberos/lib from the ld.so.conf file. When you do that, however, openssh won't link because the distro openssl *needs* /usr/kerberos/lib. A solution to that is to build openssl from source turning off gssapi support. I think it's pretty unlikely that anyone would issue a universal krb5.keytab file to a system image. > The current theory is, that if we build our own openssl, then we don't > have to worry about different linkages on different boxes. You bet. In addition, I think Andrea's modifications to the openssh.rul file are probably worthwhile. > I haven't confirmed this myself, but am going based on Jerry's comments > from his efforts at trying to build the 3.4.0 rpms. [remainder deleted] ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Sisuite-devel mailing list Sisuite-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sisuite-devel
