list_principals not allowed, acl file not opened?
Julius
commercials at gmx.net
Wed Dec 17 12:49:37 EST 2008
On Tue, 2008-12-16 at 19:38 +0100, Julius wrote:
> /usr/local/var/krb5kdc/kdc.conf
> [kdcdefaults]
> kdc_ports = 750,88
>
> [realms]
> LOCALDOMAIN.DE = {
> acl_file = /opt/mit-krb5/var/krb5kdc/kadm5.acl
> }
>
>
>
> /opt/mit-krb5/var/krb5kdc/kadm5.acl
> */admin at LOCALDOMAIN.DE *
>
>
>
> kadmin -p admin/admin
> Authenticating as principal admin/admin with password.
> Password for admin/admin at LOCALDOMAIN.DE:
> kadmin: list_principals
> get_principals: Operation requires ``list'' privilege while retrieving
> list.
>
>
> strace ./krb5kdc 2>&1 |grep usr does not list kdc.conf file?
>
>
> what is going wrong here?
>
>
>
> krb5.conf:
> [libdefaults]
> default_realm = LOCALDOMAIN.DE
>
> [logging]
> kdc = FILE:/var/log/krb5-kdc.log
> admin_server = FILE:/var/log/krb5-kadmin.log
> default = FILE:/var/log/krb5-default.log
>
> [realms]
> LOCALDOMAIN.DE = {
> admin_server = night_crawler.localdomain.de
> }
>
>
>
>
>
> greets
package is configured with --localestatedir=/... the kadm5.acl is
working from there.
On the end of kdc.conf(5) it says:
/usr/local/var/krb5kdc/kdc.conf
is this path maybe changeable with --prefix=?
or why was my kadm5.acl not found?
Julius
More information about the Kerberos
mailing list