Bug#525785: sasl2-bin: saslauthd with kerberos5 doesn't work
Friedemann Stoyan
fstoyan at swapon.de
Mon Apr 27 08:51:07 UTC 2009
On 27.04.09 00:16, Russ Allbery wrote:
> Friedemann Stoyan <fstoyan at swapon.de> writes:
>
> > when using saslauthd with kerberos5 authentication mechanism it simply
> > fails with:
> > "saslauthd[10678]: do_auth: auth failure: [user=xxx] [service=ldap] [realm=xxxxxxxxxxxxx] [mech=kerberos5] [reason=saslauthd internal error]"
> >
> > Fix:
> > Explicitly set the environment in "/etc/default/saslauthd" and point to the keytab:
> > KRB5_KTNAME=/etc/krb5.keytab
> >
> > Please include this environment in default configuration.
>
> That's an odd problem and fix since that's the default keytab location.
> If KRB5_KTNAME isn't set in the environment, that's the path that should
> be used by the library by default.
This was my assumption too. It seems that saslauthd ignores the library
defaults.
> Do you have KRB5_KTNAME set in the environment before running the init
> script for some reason?
No, I haven't.
Regards
Friedemann
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list