[2008] in Kerberos_V5_Development
Re: krb5-admin/232: make check fails under NetBSD
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Sat Nov 23 17:21:52 1996
Resent-To: krbdev@MIT.EDU, krb5-bugs@MIT.EDU
Resent-From: Sam Hartman <hartmans@MIT.EDU>
Date: Sat, 23 Nov 96 15:48:45 -0500
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: marc@cygnus.com
Cc: hartmans@MIT.EDU, krbdev@cygnus.com
In-Reply-To: <199611230818.DAA01815@rover.cygnus.com> (message from Marc
Horowitz on Sat, 23 Nov 1996 03:18:48 -0500 (EST))
kadmind sets krb5_defkeyname to the admin keytab name, which is
broken, but it it also what we've got for now. If KRB5_KTNAME is set,
that gets used instead of the name in the kdc.conf file. the kdc.conf
file is correct; the keytab is in tmpdir/admin-keytab and is correct,
but KRB5_KTNAME is set most bogusly:
(gdb) p ((char **) environ)[21]
$46 = 0xf7bfdc9b "KRB5_KTNAME=/u1/var/tmp/krb5/build/kadmin/testing/krb5-test-root/ovsec_adm.srvtab"
I don't understand.
When you run start_servers, the kadmind keytab is created in the test
root dir (build/kadmin/testing/kr5-test-root/ovsec_adm.srvtab; I
presume in the example about that /u1/var/tmp/krb5/build is your build
directory). This path is also the value that is specified in the
kdc.conf which is created in the krb5-test-root directory.
Additionally, for convenience, the environment variable KRB5_KTNAME is
set by env-setup.sh, although I no longer really remember why. The
upshot is that KRB5_KTNAME and kdc.conf always agree.
You say that the keytab is in tmpdir/admin-keytab. That means you
must have mucked with the kdc.conf generated by start_servers by hand,
and created the keytab by hand, because otherwise it wouldn't be
there. In which case, I'm not surprised that the tests are breaking.
Perhaps my interpretation of what you said is not correct. In any
case, since I know this code better than anyone, I request that no one
make changes to the admin test system to "fix" this problem until I
can analyze it on Monday or get more details.
Barry
