[Samba] Still having touble with Redhat 7.1 and windows 2003 DC
authentication.
Gavin Davenport
gavdav at gavdav.demon.co.uk
Wed Oct 8 20:54:06 GMT 2003
Hi there.
I've been trying to coax a redhat 7.1 and 8.0 system to accept new krb RPMs
without resorting to --nodeps. Unsuccessfully.
There seems to have been a major change between a krb5-libs-1.2.4x RPM and a
krb5-libs-1.3.1x RPM - including that a 1.3 RPM does NOT provide a
/usr/kerberos/lib/libcom_err.so.3.0.
Lots of things seem to depend on this krb5 .so being present (including
openssh, cyrus-sasl, nss-ldap).
I stripped back what I could, but when the next things to be uninstalled to
break the dependency chain were packagess like 'passwd' - I stopped.
I managed to find this from rpmfind:
* Wed Jun 18 2003 Nalin Dahyabhai <nalin at redhat.com> 1.3-0.beta.4
- test update to 1.3 beta 4
- ditch statglue build option
- krb5-devel requires e2fsprogs-devel, which now provides libss and
libcom_err
I have had to upgrade my e2fsprogs(&devel) to suit this.
I finally chose to resort to a --nodeps upgrade of the krb5 and cyrus-sasl
packages on the redhat 8.0 machine
I also symlinked the libcome_err.so so it can be found in the libpath:
-rwxr-xr-x 1 root root 9699 Oct 8 15:03
/lib/libcom_err.so.2.1
lrwxrwxrwx 1 root root 17 Oct 8 15:10
/lib/libcom_err.so.2 -> libcom_err.so.2.1
lrwxrwxrwx 1 root root 17 Oct 8 21:03
/lib/libcom_err.so.3 -> libcom_err.so.2.1
so sshd starts without complaint.
As this .so used to be provided by krb-libs-1.2.x, can anyone shed any light
on why this is now offered by e2fsprogs ?
It seems krb5-devel-1.3.1 contains a subset of whats in krb5-devel-1.2.4-11,
and files are delivered into different places, e.g. :
1.2.4x - /usr/kerberos/include/krb5.h
1.3.1x = /usr/include/krb5.h.
There are a number of other files in krb5-1.2.4 that are now not in
krb5-1.3.1 and dispersed across other (rawhide) RPMs, meaning the SRPM build
doesn't find the krb5.h and fails.
I don't know if any other redhat users have succeeded in getting samba 3.0.0
talking to a 2003 ADS server - I think this is really unpleasant.
BTW - when I installed MIT krb5 from
http://www.crypto-publish.org/dist/mit-kerberos5/krb5-1.3.1.tar.gz
I specified it in the samba3.spec file delivered by the src rpm.
(using --with-krb5=/usr/local/kerberos \) (where I installed it)
I don't know whether the rpmbuild process prefers to use the system resident
krb5 stuff
(at /usr/kerberos)
but it ignored the krb installation I specified. Is that a (build) bug or
did I do it wrong ??
Gavin Davenport
More information about the samba
mailing list