[2538] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

krb5-admin/257: kadmin/passwd is missing USE_KDB5_LIBRARY

daemon@ATHENA.MIT.EDU (tytso@MIT.EDU)
Wed Nov 27 11:53:54 1996

Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: bjaspan@MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, tytso@MIT.EDU
Date: Wed, 27 Nov 1996 11:52:02 -0500
From: tytso@MIT.EDU
Reply-To: tytso@MIT.EDU
To: krb5-bugs@MIT.EDU


>Number:         257
>Category:       krb5-admin
>Synopsis:       kadmin/passwd is missing USE_KDB5_LIBRARY
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bjaspan
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Wed Nov 27 11:53:01 EST 1996
>Last-Modified:
>Originator:     Theodore Y. Ts'o
>Organization:
mit
>Release:        1.0-development
>Environment:
	
System: SunOS dcl 5.4 Generic_101945-37 sun4m sparc


>Description:

	This is a shared library screw because libkadm5clnt requres libkdb5
(why, I'm not sure).  If libkdb5 is dragged in because the
libkadm5clnt shared library requires it, on Linux all unresolved
references (in this case, the berk_db library) have to resolved at run
time or the program won't run.  If libkdb5 is explicitly mentioned on
the link line, unresolved references are OK.  This is arguably a bug
in the Linux's run-time linker, since Solaris apparently manages to
get this one right. 

	The other question is why libkadm5clnt requires libkdb5 in the first
place.  It's not clear that it does, and removing libkdb5 is probably
the correct correct long-term solution (why should clients need to
have the libkdb5 shared library installed on their system?) However,
the lowest risk fix is to just add USE_KDB5_LIBRARY to the kpasswd
configure.in file. 

	The other question is why hasn't anyone noticed this before?  I don't
know if this is a recent change to the Linux shared library loader, or
whether no one has simply ever tried running kpasswd under Linux
before.  I only caught it because of the kpasswd unit tests, which I hadn't
been runing until now.  (Mea culpa.)

	This is, unfortunately, serious enough for us to require yet another
minor code thaw.  Argh.....

>How-To-Repeat:
	
>Fix:
	
>Audit-Trail:
>Unformatted:

home help back first fref pref prev next nref lref last post