Building Kerberos for client-side

Benjamin Kaduk kaduk at MIT.EDU
Mon May 12 13:27:41 EDT 2014


On Mon, 12 May 2014, Arpit Srivastava wrote:

> Hi All,
>
> I built static libraries for MIT Kerberos and got following:

We don't officially support building static libraries.  If they happen to 
work for you, we can't really stop you from using them, but we 
disrecommend it.  A number of classes of behavior are now implemented as 
pluggable module frameworks, and this doesn't really mesh with static 
linkage.

> libkrb5.a, libgssapi_krb5.a
> libkrb5_db2.a, libkdb5.a
> libcom_err.a, libkrb5support.a
> libverto.a, libgssrpc.a
> libk5crypto.a, libkadm5clnt.a
> libkadm5srv.a, libkadm5clnt_mit.a
> libkadm5srv_mit.a
> I need to call only kinit, kdestroy and gss_init_sec_contextat client side.
> That's it.
> I checked using trial and error - and found that it worked with fewer
> static libs (as in I didnt include libgssrpc and libkdb5 etc).
> Please let me know which all .a would be required for above requirements ?
> Also, is libgssapi_krb5.a dependent on libkrb5.a ?

libgssapi_krb5 depends on libkrb5.
The kadm5* bits are not needed for the operations you are using, in 
addition to the two you noted.  I think that libkrb5_db2 is not needed, 
either.

-Ben Kaduk


More information about the Kerberos mailing list