login.krb5: Segmentation fault?

Thu Jun 21 12:30:16 EDT 2007

I installed krb5-1.6.1 on a opensuse linux box.

For test purpose, I created 2 user principals:
"michael" and "mike". They are also two linux accounts
on the same machine with the same passwords.

Both krb5kdc and kadmind are up and running. After
enter linux as "mike" by using regular "login", I can
kinit for both "michael" and "mike" successfully. But
when I tried to use "login.krb5" for either one, a
"Segmentation fault" error message was generated and
there is no "credentials" or "tickets" (by "klist").

What may cause this problem and is there any
configuration for using keberized login?

By the way, the following option for login.krb5 is set
in krb5.conf but I am not sure if it's correct or not.
(the same error appears w/ or w/o the following option
anyway)

[appdefaults]
        login.krb5={
                krb5_get_tickets=true
        }

Another question:

I believe I can replace traditional "login" with this
keberized version "login.krb5" during init procedure
when system asks users to login with their username
and password. For this purpose, for each linux user,
we can create a principal and keep the same password
(so that, in case of no network, login.krb5 falls back
to regular login behavior and use /etc/passwd ...) For
example, in run level 5, a user types in username and
password and will be assigned credentials for some
time. Then, this credential can be used for later
authentication purpose. Thus, it gives a single
signon. Is this recommended?

Thanks!

      ____________________________________________________________________________________
Park yourself in front of a world of choices in alternative vehicles. Visit the Yahoo! Auto Green Center.
http://autos.yahoo.com/green_center/ 