kinit from mac ports not working

Brad Allison brad.allison at gmail.com
Thu Aug 15 08:49:21 PDT 2013 

It is a problem between Heimdal-Kerberos (built in)  and MIT-Kerberos (mac
ports)

With Heimdal I need tcp/ in front of my address on the kdc line:
kdc = tcp/10.10.....

With MIT kerberos if you have tcp/ it's can't read the address.

So I can't have a single krb5.conf that works for both.

I wish there was a way to make macports kinit use /etc/krb5.conf and make
built in Heimdal kerberos use /Library/Preferences/edu.mit.Kerberos .





On Thu, Aug 15, 2013 at 10:56 AM, Brandon Allbery <allbery.b at gmail.com>wrote:

> On Thu, Aug 15, 2013 at 10:45 AM, Brad Allison <brad.allison at gmail.com>wrote:
>
>> When I try to kinit using macports kinit it returns "Cannot contact any
>> KDC from realm...."
>>
>> When I try to kinit using default built in kinit (/usr/bin/kinit), it
>> works and I can get tickets.
>>
>> So why is macports kinit broken?
>>
>
> Not actually "broken" although I imagine you won't care about little
> details like how /Library/Preferences/edu.mit.Kerberos isn't guaranteed to
> be 100% compatible with /etc/krb5.conf these days (because Apple's Kerberos
> is from Heimdal); and the cases where they're incompatible are almost
> exactly the cases where it can't be automagically translated. There may
> also be differences in how the two figure out defaults (e.g. when to use
> TCP vs. UDP or which DNS names are looked up when a realm isn't defined in
> the config file, there being both legacy TXT and modern SRV entries
> possible and each implementation follows different rules).
>
> If you're lucky you can just "sudo ln -s
> /Library/Preferences/edu.mit.Kerberos /etc/krb5.conf".
>
> --
> brandon s allbery kf8nh                               sine nomine
> associates
> allbery.b at gmail.com
> ballbery at sinenomine.net
> unix, openafs, kerberos, infrastructure, xmonad
> http://sinenomine.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-users/attachments/20130815/6d59440a/attachment.html>

More information about the macports-users mailing list