LDAP SSL Problems (was: service script (/etc/init.d/ldap))

Craig White craigwhite at azapple.com
Tue Nov 15 01:07:34 UTC 2005 

On Mon, 2005-11-14 at 16:42 -0800, Daniel B. Thurman wrote:
> >From: fedora-list-bounces at redhat.com
> >[mailto:fedora-list-bounces at redhat.com]On Behalf Of Craig White
> >Sent: Monday, November 14, 2005 3:32 PM
> >To: fedora-list at redhat.com
> >Subject: RE: LDAP SSL Problems (was: service script (/etc/init.d/ldap))
> >
> >
> >On Mon, 2005-11-14 at 16:13 -0700, Craig White wrote:
> >
> >> > Another thing,  when I was doing kerberos and got it running,
> >> > there is a definite bug in /etc/init.d/ldap, line 74 where
> >> > kinit was not found.  The '$' was missing so that it should
> >> > be $kinit and not stand-alone kinit since the script does not
> >> > have the full pathname to kinit.
> >> ----
> >> I don't have access to my FC4 machine at the moment - kinit part
> >> of /etc/init.d/ldap ?  Huh?
> >---
> >OK - just got access but I didn't have openldap-servers installed...
> >
> >Installed: openldap-servers.i386 0:2.2.29-1.FC4
> >Dependency Updated: openldap.i386 0:2.2.29-1.FC4 openldap-clients.i386
> >0:2.2.29-1.FC4
> >Complete!
> >[root at localhost ~]# grep kinit /etc/init.d/ldap
> >[root at localhost ~]# 
> >
> >I haven't a clue what you are referring to in line 74...
> >
> >Craig
> >
> >
> 
> 
> ok, here is a snippet of the code:
> 
> ===================================================
> function checkkeytab() {
>     local user= service= klist= default=
>     user="$1"
>     service="$2"
>     default="${3:-false}"
>     if test -x /usr/kerberos/bin/klist ; then
>         klist=/usr/kerberos/bin/klist
>     elif test -x /usr/bin/klist ; then
>         klist=/usr/bin/klist
>     fi
>     KRB5_KTNAME="${KRB5_KTNAME:-/etc/krb5.keytab}"
>     export KRB5_KTNAME
>     if test -s "$KRB5_KTNAME" ; then
>         if test x"$klist" != x ; then
>             if LANG=C klist -k "$KRB5_KTNAME" | tail -n 4 | awk '{print $2}' | grep -q ^"$service"/ ; then
>                 if ! testasuser "$user" -r ${KRB5_KTNAME:-/etc/krb5.keytab} ; then
>                     true
>                 else
>                     false
>                 fi
>             else
> ================================================
> 
> See: if LANG=C klist -k "$KRB5_KTNAME" | tail -n 4 | awk '{print $2}' |
> ===============^^^^^
> s/b ===========$klist
> 
> Dan
> 
----
Yea ok - I see it too and yes, it appears that you are correct about the
line and probably should put an entry into bugzilla.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the fedora-list mailing list