[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap client GSSAPI authentication segfaults in fbgsd8-stable i386

On 18/02/2010 19:50, Dieter Kluenter wrote:
George Mamalakis<mamalos@eng.auth.gr>  writes:

Dear all,

I have submitted this email to freebsd-stable mailing list as well,
but with no luck until now; so, I decided to share it with this list
as well. The email is large, only because I have tested my setup in
six different machines, and I explain my results for each one. The
problem is more simple; my email subject explains it all.

So, here is how it goes:
You didn't say anything about your kerberos setup. Did you create host
principals and ldap service principals?
Is the keytab readable by slapd user?



in my ldap server:

[root@ldap /]# ls -lrta /etc/krb5.keytab
-rw-r-----  1 root  ldap  - 446 Sep 28 19:21 /etc/krb5.keytab

but as I have already stated in my email, in one of my hosts ldapwhoami and ldapsearch work fine, either by kiniting or not. Once I kinit to user mamalos, three out of six clients work well (no segfaults or corrupted stacks). This implies that heimdal combined with slapd works fine.

As far as host principals is concerned, fbsd8stable i386 on my laptop's virtual box does not have one, but it works ok once I kinit to my user.

All tests have been performed as root, and when kiniting I use the mamalos user-principal.

Thank you for your answer.


George Mamalakis

IT Officer
Electrical and Computer Engineer (Aristotle Un. of Thessaloniki),
MSc (Imperial College of London)

Department of Electrical and Computer Engineering
Faculty of Engineering
Aristotle University of Thessaloniki

phone number : +30 (2310) 994379