[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: kpasswdd configuration question

To: "Henry B. Hotz" <hotz@jpl.nasa.gov>
Subject: Re: kpasswdd configuration question
From: Love <lha@stacken.kth.se>
Date: Thu, 04 Mar 2004 05:59:36 +0100
Cc: heimdal-discuss@sics.se
In-Reply-To: <p05210607bc6c22ed5b5e@[128.149.196.150]> (Henry B. Hotz'smessage of "Wed, 3 Mar 2004 19:25:16 -0800")
References: <002501c40052$1f340e40$6501010a@C5043436><404489B4.12FD993A@anl.gov> <4044C857.30502@kzsdabas.sulinet.hu><4044E22B.3000405@kzsdabas.sulinet.hu><003701c40107$bdb39bc0$6501010a@C5043436> <4045DA5C.6D8FA58E@anl.gov><p05210602bc6bda284d48@[128.149.196.150]><am4qt5h93f.fsf@nutcracker.stacken.kth.se><p05210607bc6c22ed5b5e@[128.149.196.150]>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix)

"Henry B. Hotz" <hotz@jpl.nasa.gov> writes:

> I have an inetd.conf entry I cribbed from NetBSD on the Solaris machine, vis:
> kpasswd         dgram   udp             wait    root
> /usr/heimdal/libexec/kpasswdd   kpasswdd
> (ignore line wrap)
>
> The man page is silent on the issue, but the web page notes say
> kpasswdd is not run from inetd.  Who's right?  NetBSD, or the web
> documentation, or does it depend?

NetBSD kpasswdd is patched to allow running from inetd. this patch was
never reintegratated in Heimdal. Heimdal requires you to run the the
kpasswdd as a server process.

> The kpasswdd man page mentions a keytab, but it's not mentioned in the
> web docs.  Does the daemon need a keytab?  If so I presume it's the
> kadmin/changepw principal that needs to go in it?  (And where's the
> keytab on NetBSD since I'm sure I never created one there.)

Yes, it for that reason. Default it reads the keytab from the "HDB:" keytab
(ie the database itself).

>>Did kpasswdd log anything ?
>
> I thought it was supposed to log the same default place as the kdc. I
> included that log.  Was there supposed to be more?

Maybe, but I don't know where, it logs to the "kpasswd" log facility
configuried in krb5.conf, or if its not, to syslog.

Love

PGP signature

Follow-Ups:
- Re: kpasswdd configuration question
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>

References:
- Kerberos IF_RELEVANT/PAC structure question
  - From: "Ronnie Sahlberg" <ronnie_sahlberg@ozemail.com.au>
- Re: Kerberos IF_RELEVANT/PAC structure question
  - From: "Douglas E. Engert" <deengert@anl.gov>
- Re: Kerberos IF_RELEVANT/PAC structure question
  - From: Gémes Géza <geza@kzsdabas.sulinet.hu>
- Re: Kerberos IF_RELEVANT/PAC structure question
  - From: Gémes Géza <geza@kzsdabas.sulinet.hu>
- Re: Kerberos IF_RELEVANT/PAC structure question
  - From: "Ronnie Sahlberg" <ronnie_sahlberg@ozemail.com.au>
- Re: Kerberos IF_RELEVANT/PAC structure question
  - From: "Douglas E. Engert" <deengert@anl.gov>
- kpasswdd configuration question
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
- Re: kpasswdd configuration question
  - From: Love <lha@stacken.kth.se>
- Re: kpasswdd configuration question
  - From: "Henry B. Hotz" <hotz@jpl.nasa.gov>

Prev by Date: Re: kpasswdd configuration question
Next by Date: Re: kpasswdd configuration question
Prev by thread: Re: kpasswdd configuration question
Next by thread: Re: kpasswdd configuration question
Index(es):
- Date
- Thread