Public bug reported:
The invokation of both
LANG=C kdb5_util -r example.com create # with 'example.com' != `hostname`
# and
LANG=C krb5_newrealm
fail with `kdb5_util: File exists while creating database
'/etc/krb5kdc/principal'` (both with complex password `KPZp*4=pzx^ZGnI-
dacjWaOO2` and simple password `a`. Output before is
This script should be run on the master KDC/admin server to initialize
a Kerberos realm. It will ask you to type in a master key password.
This password will be used to generate a key that is stored in
/etc/krb5kdc/stash. You should try to remember this password, but it
is much more important that it be a strong password than that it be
remembered. However, if you lose the password and /etc/krb5kdc/stash,
you cannot decrypt your Kerberos database.
Loading random data
Initializing database '/var/lib/krb5kdc/principal' for realm
'richter-local.de',
master key name 'K/m...@richter-local.de'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:
Fixing the issue by invoking
kdb5_util -r example.com -m destroy -f
before repeating commands above isn't possible due to error `kdb5_util:
No such entry in the database while retrieving master entry`, `mv
/var/lib/krb5kdc/principal /var/lib/krb5kdc/principal.bk1` doesn't help.
After reading the man pages for `kdb5_util` and `krb5_newrealm` it is
unclear what is acutally missing and/or errornous. At least I don't see
a reason for such a low quality error message.
== Ubuntu related ==
The state should be reset by invoking `apt-get purge krb5-kdc
krb5-admin-server` which isn't the case.
** Affects: krb5 (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
The invokation of both
- LANG=C kdb5_util -r example.com create # with 'example.com' != `hostname`
- # and
- LANG=C krb5_newrealm
+ LANG=C kdb5_util -r example.com create # with 'example.com' != `hostname`
+ # and
+ LANG=C krb5_newrealm
fail with `kdb5_util: File exists while creating database
'/etc/krb5kdc/principal'` (both with complex password `KPZp*4=pzx^ZGnI-
dacjWaOO2` and simple password `a`. Output before is
- This script should be run on the master KDC/admin server to initialize
- a Kerberos realm. It will ask you to type in a master key password.
- This password will be used to generate a key that is stored in
- /etc/krb5kdc/stash. You should try to remember this password, but it
- is much more important that it be a strong password than that it be
- remembered. However, if you lose the password and /etc/krb5kdc/stash,
- you cannot decrypt your Kerberos database.
- Loading random data
- Initializing database '/var/lib/krb5kdc/principal' for realm
'richter-local.de',
- master key name 'K/m...@richter-local.de'
- You will be prompted for the database Master Password.
- It is important that you NOT FORGET this password.
- Enter KDC database master key:
- Re-enter KDC database master key to verify:
+ This script should be run on the master KDC/admin server to initialize
+ a Kerberos realm. It will ask you to type in a master key password.
+ This password will be used to generate a key that is stored in
+ /etc/krb5kdc/stash. You should try to remember this password, but it
+ is much more important that it be a strong password than that it be
+ remembered. However, if you lose the password and /etc/krb5kdc/stash,
+ you cannot decrypt your Kerberos database.
+ Loading random data
+ Initializing database '/var/lib/krb5kdc/principal' for realm
'richter-local.de',
+ master key name 'K/m...@richter-local.de'
+ You will be prompted for the database Master Password.
+ It is important that you NOT FORGET this password.
+ Enter KDC database master key:
+ Re-enter KDC database master key to verify:
Fixing the issue by invoking
- kdb5_util -r example.com -m destroy -f
+ kdb5_util -r example.com -m destroy -f
before repeating commands above isn't possible due to error `kdb5_util:
No such entry in the database while retrieving master entry`, `mv
/var/lib/krb5kdc/principal /var/lib/krb5kdc/principal.bk1` doesn't help.
After reading the man pages for `kdb5_util` and `krb5_newrealm` it is
unclear what is acutally missing and/or errornous. At least I don't see
a reason for such a low quality error message.
+
+ == Ubuntu related ==
+ The state should be reset by invoking `apt-get purge krb5-kdc
krb5-admin-server` which isn't the case.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1332988
Title:
kdb5_util create and krb5_newrealm fail due to existing
/var/lib/krb5kdc/principal/wrong error message
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1332988/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
