[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal-Openldap how to store principals?

Andrew Bacchi wrote:

>Thanks for your help.
    You're welcome.

>I rebuilt Heimdal using additional --with-openssl=path/to/openssl 
>directives, hoping that was my main problem.  I don't think so.
>I tried 'init RPI.EDU, and these files are deposited in the pwd.   These
>are indeed the kerberos database files.  If I delete them, all kerberos
>accounts are lost.  The files and accounts are recreated upon an 'init
>RPI.EDU' command.
>So, it appears I don't have the Unix Socket working correctly.  Is this
>connected to ssl or cyrus-sasl. or is it independent of either?  I will
>have to do some reading on sockets.
    I don't think the connection through the unix socket has anything to 
do with ssl or cyrus-sasl. Maybe you could strace the heimdal process, 
so you're able to see which location is trying to open. That way you 
could configure OpenLDAP to place the socket in that location, if that's 
the problem.

>The system log reports this from kerberos:
>Aug 27 10:38:44 ldap3 kernel: application bug: kadmind(30385) has
>SIGCHLD set to SIG_IGN but calls wait().
>Aug 27 10:38:44 ldap3 kernel: (see the NOTES section of 'man 2 wait').
>Workaround activated.
    No idea what this means, but wild guessing I would say that kadmind 
(or some child process) has exited abruptly.

    Best regards