[OpenAFS] gssklog[d] on debian (sparc and intel)

Chris McClimans openafs-info@mcclimans.net
Thu, 28 Aug 2003 09:11:44 -0500 

I poked around and I thought it was not using the fqdn, but 
gssklog@oak. I should listen to the docs  and author my own 
assumptions. ;)

(gdb) print server_name_char
$4 = 0x31f80 "gssklog@oak"
(gdb) bt
#0  main (argc=1, argv=0xeffffd24) at ./gssklogd.c:358
(gdb) print server_name_char
$5 = 0x31f80 "gssklog@oak"
(gdb)

On Thursday, August 28, 2003, at 08:14  AM, Douglas E. Engert wrote:

>
>
> Chris McClimans wrote:
>>
>> Even though I created a principal for use with gssklog, it doesn't 
>> seem
>> to find the correct principal name ;(
>>
>> # klist -ket  | grep gssklog
>>     3 08/27/03 19:58:37 gssklog/oak@CS.TTU.EDU (Triple DES cbc mode 
>> with
>> HMAC/sha1)
>>     3 08/27/03 19:58:37 gssklog/oak@CS.TTU.EDU (DES cbc mode with 
>> CRC-32)
>>
>
> The hostname in the prinsiple must be fully qualifed like 
> oak.cs.ttu.edu
> So the principal must be gssklog/oak.cs.ttu.edu@cCS.TTU.EDU
>
>
>
>> # ./gssklogd -a /etc/openafs/server/KeyFile -k /etc/krb5.keytab -E
>> TTU.EDU -E CS.TTU.EDU
>> GSS-error acquiring credentials: major_status:000d0000
>> minor_status:025ea101
>> Miscellaneous failure
>> No principal in keytab matches desired name
>
> Its looking for the full name.
>
>>
>> We are running debian-3.0r1 and used the following configure with
>> gssklog:
>>
>> ./configure --with-afs=/usr --with-gss-include=/usr/include/gssapi \
>> --with-gss-lib-dir=/usr/lib --with-gss-lib-name=gssapi_krb5 \
>> --with-client-extra-ldflags=-ldes --with-server-extra-ldflags=-ldes
>> --enable-server --enable-pam
>>
>> Add the following at configure.in line 250:
>>         linux*)
>>                 if test "x${CC}" = xgcc ; then
>>                         LDFLAGS="${LDFLAGS} 
>> -Wl,--noinhibit-exec,-rpath,${gssklog_cv_rpaths}"
>>                         LDFLAGS_PAM="${LDFLAGS_PAM} -shared"
>>                         CFLAGS_PAM="${CFLAGS_PAM} -fPIC"
>>                 else
>>                         echo "You may need to add extra LDFLAGS"
>>                  fi
>>                  ;;
>>
>> --
>> Chris McClimans  / Director of Undergraduate Labs / Texas Tech 
>> Computer
>> Science
>> http://www.cs.ttu.edu
>>
>> _______________________________________________
>> OpenAFS-info mailing list
>> OpenAFS-info@openafs.org
>> https://lists.openafs.org/mailman/listinfo/openafs-info
>
> -- 
>
>  Douglas E. Engert  <DEEngert@anl.gov>
>  Argonne National Laboratory
>  9700 South Cass Avenue
>  Argonne, Illinois  60439
>  (630) 252-5444