[30553] in Kerberos
Re: list_principals not allowed, acl file not opened?
daemon@ATHENA.MIT.EDU (Julius)
Wed Dec 17 12:50:45 2008
From: Julius <commercials@gmx.net>
To: Kerberos@mit.edu
In-Reply-To: <1229452718.23236.6.camel@wf.localdomain.de>
Date: Wed, 17 Dec 2008 18:49:37 +0100
Message-Id: <1229536177.2812.20.camel@wf.localdomain.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Tue, 2008-12-16 at 19:38 +0100, Julius wrote:
> /usr/local/var/krb5kdc/kdc.conf
> [kdcdefaults]
> kdc_ports = 750,88
>
> [realms]
> LOCALDOMAIN.DE = {
> acl_file = /opt/mit-krb5/var/krb5kdc/kadm5.acl
> }
>
>
>
> /opt/mit-krb5/var/krb5kdc/kadm5.acl
> */admin@LOCALDOMAIN.DE *
>
>
>
> kadmin -p admin/admin
> Authenticating as principal admin/admin with password.
> Password for admin/admin@LOCALDOMAIN.DE:
> kadmin: list_principals
> get_principals: Operation requires ``list'' privilege while retrieving
> list.
>
>
> strace ./krb5kdc 2>&1 |grep usr does not list kdc.conf file?
>
>
> what is going wrong here?
>
>
>
> krb5.conf:
> [libdefaults]
> default_realm = LOCALDOMAIN.DE
>
> [logging]
> kdc = FILE:/var/log/krb5-kdc.log
> admin_server = FILE:/var/log/krb5-kadmin.log
> default = FILE:/var/log/krb5-default.log
>
> [realms]
> LOCALDOMAIN.DE = {
> admin_server = night_crawler.localdomain.de
> }
>
>
>
>
>
> greets
package is configured with --localestatedir=/... the kadm5.acl is
working from there.
On the end of kdc.conf(5) it says:
/usr/local/var/krb5kdc/kdc.conf
is this path maybe changeable with --prefix=?
or why was my kadm5.acl not found?
Julius
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
