Message-Id: <4mOb2ZK00WBw0DUV80@andrew.cmu.edu>
Date: Sun, 20 Oct 1996 14:34:13 -0400 (EDT)
From: John Gardiner Myers
To: krb5-bugs@MIT.EDU
Subject: krb5-beta7: looking for kdc.conf in wrong place

>Number: 124
>Category: krb5-doc
>Synopsis: krb5-beta7: looking for kdc.conf in wrong place
>Confidential: yes
>Severity: serious
>Priority: high
>Responsible: bjaspan
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sun Oct e 14:36:01 EDT 1996
>Last-Modified: Wed Nov 13 15:21:21 EST 1996
>Originator:
>Organization:
>Release:
>Environment:
>Description:

The various install and admin guides state that the location of
kdc.conf can be changed with a "pointer" in /etc/krb5.conf. The man
page for krb5.conf does not mention this, it should be fixed.

The admin.texinfo document gives this example:

    [kdc]
        profile = @value{ROOTDIR}/lib/krb5kdc/kdc.conf

This appears not to work. With an /etc/krb5.conf of:

    [libdefaults]
        default_realm = PORTOLACOMM.COM
        default_tgs_enctypes = des-cbc-crc
        default_tkt_enctypes = des-cbc-crc
        krb4_config = /etc/krb.conf
        krb4_realms = /etc/krb.realms

    [realms]
        PORTOLACOMM.COM = {
            kdc = porta-sparc.portolacomm.com
            admin_server = porta-sparc.portolacomm.com
            default_domain = portolacomm.com
        }

    [kdc]
        profile = /etc/kdc.conf

    [logging]
        kdc = SYSLOG:INFO:DAEMON
        admin_server = FILE:/var/adm/kadmin.log

Running:

    /usr/local/sbin/kdb5_util create -r PORTOLACOMM.COM -s

tries to create the database in the wrong location. Running truss
shows that it is attempting to read kdc.conf from the compiled-in
location of /usr/local/lib/krb5kdc/kdc.conf, and not /etc/kdc.conf

--
_.John Gardiner Myers    Internet: jgm+@CMU.EDU
                         LoseNet:  ...!seismo!ihnp4!wiscvm.wisc.edu!give!up

>How-To-Repeat:
>Fix:
>Audit-Trail:

From: "Barry Jaspan"
To: krb5-bugs@MIT.EDU
Cc:
Subject: Re: pending/124: [tytso@MIT.EDU: Re: krb5.conf and kdc.conf pointing to each other]
Date: Wed, 13 Nov 1996 13:38:42 -0500

------- Start of forwarded message -------
Date: Wed, 13 Nov 1996 00:37:17 -0500
From: "Theodore Y. Ts'o"
To: "Barry Jaspan"
Cc: krbdev@MIT.EDU
In-Reply-To: Barry Jaspan's message of Mon, 11 Nov 1996 12:45:07 -0500, <9611111745.AA29935@DUN-DUN-NOODLES.MIT.EDU>
Subject: Re: krb5.conf and kdc.conf pointing to each other
Address: 1 Amherst St., Cambridge, MA 02139
Phone: (617) 253-8091

   Date: Mon, 11 Nov 1996 12:45:07 -0500
   From: "Barry Jaspan"

   There have been several bug reports about the documentation
   suggesting that both krb5.conf and kdc.conf can point to each other.
   Obviously, this is impossible. How is it supposed to be? Which
   file, if either, can have a profile relation that specifies the
   location of the other file? What stanza does the relation occur in?

As far as I can tell, neither is true any more, and we should remove
from the documentation any hint that this will work.
Having kdc.conf point to krb5.conf was attempted in the kdc sources,
but it was broken and didn't work, so I just removed all of that code.
Having the krb5.conf contain a default location for the kdc.conf file
would be nice, but it looks like it's not being done in alt_prof.c,
and it doesn't look like any of the new kadm5 utilities are looking
anywhere except the compiled in defaults.

Arguably the right way to fix this is to use first the environment
variable (if it exists), then the value in krb5.conf (if it is there),
and finally use the compiled-in default, to find the pathname for
kdc.conf. That's not what we're doing now, though.

                                                - Ted

------- End of forwarded message -------

Responsible-Changed-From-To: gnats-admin->bjaspan
Responsible-Changed-By: bjaspan
Responsible-Changed-When: Wed Nov 13 13:49:46 1996
Responsible-Changed-Why:
The documentation changes described in Ted's message are high priority.

From: "Barry Jaspan"
To: GNATS administrator
Cc: krb5-bugs@MIT.EDU
Subject: Re: pending/124: krb5-beta7: looking for kdc.conf in wrong place
Date: Wed, 13 Nov 1996 13:49:25 -0500

`Barry Jaspan' made changes to this PR.

*** /tmp/gnatsa000sh Wed Nov 13 13:48:36 1996 --- /tmp/gnatsb000sh Wed Nov 13 13:49:22 1996 *************** *** 36,41 **** --- 36,88 ---- >Release: >Environment: >Description: + + The various install and admin guides state that the location of + kdc.conf can be changed with a "pointer" in /etc/krb5.conf. The man + page for krb5.conf does not mention this, it should be fixed. + + The admin.texinfo document gives this example: + + [kdc] + profile = @value{ROOTDIR}/lib/krb5kdc/kdc.conf + + This appears not to work. 
With an /etc/krb5.conf of: + + [libdefaults] + default_realm = PORTOLACOMM.COM + default_tgs_enctypes = des-cbc-crc + default_tkt_enctypes = des-cbc-crc + krb4_config = /etc/krb.conf + krb4_realms = /etc/krb.realms + + [realms] + PORTOLACOMM.COM = { + kdc = porta-sparc.portolacomm.com + admin_server = porta-sparc.portolacomm.com + default_domain = portolacomm.com + } + + [kdc] + profile = /etc/kdc.conf + + [logging] + kdc = SYSLOG:INFO:DAEMON + admin_server = FILE:/var/adm/kadmin.log + + + Running: + + /usr/local/sbin/kdb5_util create -r PORTOLACOMM.COM -s + + tries to create the database in the wrong location. Running truss + shows that it is attempting to read kdc.conf from the compiled-in + location of /usr/local/lib/krb5kdc/kdc.conf, and not /etc/kdc.conf + + -- + _.John Gardiner Myers Internet: jgm+@CMU.EDU + LoseNet: ...!seismo!ihnp4!wiscvm.wisc.edu!give!up + + >How-To-Repeat: >Fix: >Audit-Trail: *************** *** 86,132 **** - Ted ------- End of forwarded message ------- >Unformatted: - The various install and admin guides state that the location of - kdc.conf can be changed with a "pointer" in /etc/krb5.conf. The man - page for krb5.conf does not mention this, it should be fixed. - - The admin.texinfo document gives this example: - - [kdc] - profile = @value{ROOTDIR}/lib/krb5kdc/kdc.conf - - This appears not to work. With an /etc/krb5.conf of: - - [libdefaults] - default_realm = PORTOLACOMM.COM - default_tgs_enctypes = des-cbc-crc - default_tkt_enctypes = des-cbc-crc - krb4_config = /etc/krb.conf - krb4_realms = /etc/krb.realms - - [realms] - PORTOLACOMM.COM = { - kdc = porta-sparc.portolacomm.com - admin_server = porta-sparc.portolacomm.com - default_domain = portolacomm.com - } - - [kdc] - profile = /etc/kdc.conf - - [logging] - kdc = SYSLOG:INFO:DAEMON - admin_server = FILE:/var/adm/kadmin.log - - - Running: - - /usr/local/sbin/kdb5_util create -r PORTOLACOMM.COM -s - - tries to create the database in the wrong location. 
Running truss - shows that it is attempting to read kdc.conf from the compiled-in - location of /usr/local/lib/krb5kdc/kdc.conf, and not /etc/kdc.conf - - -- - _.John Gardiner Myers Internet: jgm+@CMU.EDU - LoseNet: ...!seismo!ihnp4!wiscvm.wisc.edu!give!up --- 133,135 ----

State-Changed-From-To: open-closed
State-Changed-By: bjaspan
State-Changed-When: Wed Nov 13 15:19:31 1996
State-Changed-Why:
Neither krb5.conf nor kdc.conf can specify the location of the other;
the code never worked, it has since been removed, and I just removed
the references from the documentation. I am going to submit another
PR suggesting a rework of krb5.conf, kdc.conf, and --prefix that will
vastly improve the situation, but that will not be done for 1.0.

Files: doc/ChangeLog doc/install.texinfo src/config-files/ChangeLog src/config-files/kdc.conf.M

>Unformatted:
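
Review bot: in the first hunk (36,88) the whole unformatted report, including the submitter's signature lines ("-- _.John Gardiner Myers ..."), is added under >Description: while >How-To-Repeat: and >Fix: stay empty in the trailing context. Consider putting the sample /etc/krb5.conf and the kdb5_util create command under >How-To-Repeat: and leaving the signature out of the field text, so the reproduction steps sit where a reader of the PR looks for them.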
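
Ted's forwarded message proposes a lookup order for the kdc.conf pathname: the environment variable first, then the value in krb5.conf, then the compiled-in default. The C code below is an added example of that order, not code from the krb5 tree or from anyone in this thread; the variable name KRB5_KDC_PROFILE, the function names and the shortened sample krb5.conf are assumptions, while the [kdc] profile relation and the default path are taken from the report.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE"                    /* assumed name, not on the page */
#define DEFAULT_KDC_PROFILE "/usr/local/lib/krb5kdc/kdc.conf" /* compiled-in path in the report */

/* Constructed sample: the reporter's krb5.conf, shortened. */
static const char SAMPLE_KRB5_CONF[] =
    "[libdefaults]\n default_realm = PORTOLACOMM.COM\n"
    "[kdc]\n profile = /etc/kdc.conf\n"
    "[logging]\n kdc = SYSLOG:INFO:DAEMON\n";

/* Copy the [kdc] "profile" value into out: 1 found, 0 absent, -1 empty or too long. */
static int kdc_profile_from_conf(const char *conf, char *out, size_t outlen) {
    int in_kdc = 0, rc = 0;
    char *copy = malloc(strlen(conf) + 1);
    if (!copy) return -1;
    strcpy(copy, conf);
    for (char *ln = strtok(copy, "\n"); ln && rc == 0; ln = strtok(NULL, "\n")) {
        char *p = ln + strspn(ln, " \t");
        if (*p == '[') { in_kdc = strncmp(p, "[kdc]", 5) == 0; continue; }
        if (!in_kdc || strncmp(p, "profile", 7) != 0) continue;
        p += 7 + strspn(p + 7, " \t");
        if (*p++ != '=') continue;                 /* e.g. "profilex = ..." is another key */
        p += strspn(p, " \t");
        size_t len = strcspn(p, " \t\r");          /* value ends at the first blank */
        if (len == 0 || len >= outlen) { rc = -1; break; }
        memcpy(out, p, len); out[len] = '\0'; rc = 1;
    }
    free(copy);
    return rc;
}

/* Order proposed in the thread: environment, then krb5.conf, then built-in default.
 * Returns 0, 1 or 2 for the source used, or -1 if the selected path is unusable. */
int resolve_kdc_profile(const char *env_val, const char *conf, char *out, size_t outlen) {
    const char *path = (env_val && *env_val) ? env_val : NULL;
    int rc = (!path && conf) ? kdc_profile_from_conf(conf, out, outlen) : 0;
    if (rc != 0) return rc;                 /* 1: taken from krb5.conf, -1: bad value there */
    int n = snprintf(out, outlen, "%s", path ? path : DEFAULT_KDC_PROFILE);
    if (n <= 0 || (size_t)n >= outlen) return -1;
    return path ? 0 : 2;
}

int main(void) {
    char path[256];
    int src = resolve_kdc_profile(getenv(KDC_PROFILE_ENV), SAMPLE_KRB5_CONF, path, sizeof path);
    printf("source=%d path=%s\n", src, src < 0 ? "(unusable)" : path);
    return 0;
}
```

A value that is empty or does not fit the caller's buffer is reported as an error rather than silently replaced by the next source, so a mistyped krb5.conf entry cannot send the tools back to the compiled-in location unnoticed, which is the behaviour the report ran into.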