Solaris pam-krb5 client and MIT krb5 KDC on Linux (Eliot Lebsack)

Eliot Lebsack elebsack at mitre.org
Mon Jul 26 16:47:43 EDT 2004


Kevin,

I changed the permissions to -rw-r--r-- (chmod +r) for
/etc/krb5/krb5.conf, and still get the same behavior.

My KDC has the following principals defined for my Solaris box:

machine name = sol8test.localdomain
realm = LOCALDOMAIN

principal:
host/sol8test.localdomain at LOCALDOMAIN

I did not define the "root/sol8test.localdomain at LOCALDOMAIN"
principal since I did not need to use Kerberized NFS.

Regards,

Eliot

======================================================
Eliot Lebsack                         (781) 271-5830
Lead Communications Engineer      elebsack at mitre.org
The MITRE Corporation                    Bedford, MA

-----Original Message-----
From: Kevin L. Mitchell [mailto:klmitch at MIT.EDU] 
Sent: Monday, July 26, 2004 4:23 PM
To: Eliot Lebsack
Cc: kerberos at mit.edu
Subject: RE: Solaris pam-krb5 client and MIT krb5 KDC on Linux (Eliot
Lebsack)


On Mon, 2004-07-26 at 16:05, Eliot Lebsack wrote:
> Just checked - the permissions are -rw------- (0600). 

Just checked what?  Your krb5.conf?  If so, then that's your problem. 
As Henry told you:

> If it works as root, but not as a user, then it sounds like a  
> permissions problem.  Is /etc/krb5/krb5.conf world-readable?

Do a "chmod +r /etc/krb5/krb5.conf" as root, and you should be all set.
-- 
Kevin L. Mitchell <klmitch at mit.edu>




More information about the Kerberos mailing list