LDAP SSL Problems (was: service script (/etc/init.d/ldap))
Craig White
craigwhite at azapple.com
Tue Nov 15 01:07:34 UTC 2005
On Mon, 2005-11-14 at 16:42 -0800, Daniel B. Thurman wrote:
> >From: fedora-list-bounces at redhat.com
> >[mailto:fedora-list-bounces at redhat.com]On Behalf Of Craig White
> >Sent: Monday, November 14, 2005 3:32 PM
> >To: fedora-list at redhat.com
> >Subject: RE: LDAP SSL Problems (was: service script (/etc/init.d/ldap))
> >
> >
> >On Mon, 2005-11-14 at 16:13 -0700, Craig White wrote:
> >
> >> > Another thing, when I was doing kerberos and got it running,
> >> > there is a definite bug in /etc/init.d/ldap, line 74 where
> >> > kinit was not found. The '$' was missing so that it should
> >> > be $kinit and not stand-alone kinit since the script does not
> >> > have the full pathname to kinit.
> >> ----
> >> I don't have access to my FC4 machine at the moment - kinit part
> >> of /etc/init.d/ldap ? Huh?
> >---
> >OK - just got access but I didn't have openldap-servers installed...
> >
> >Installed: openldap-servers.i386 0:2.2.29-1.FC4
> >Dependency Updated: openldap.i386 0:2.2.29-1.FC4 openldap-clients.i386
> >0:2.2.29-1.FC4
> >Complete!
> >[root at localhost ~]# grep kinit /etc/init.d/ldap
> >[root at localhost ~]#
> >
> >I haven't a clue what you are referring to in line 74...
> >
> >Craig
> >
> >
>
>
> ok, here is a snippet of the code:
>
> ===================================================
> function checkkeytab() {
> local user= service= klist= default=
> user="$1"
> service="$2"
> default="${3:-false}"
> if test -x /usr/kerberos/bin/klist ; then
> klist=/usr/kerberos/bin/klist
> elif test -x /usr/bin/klist ; then
> klist=/usr/bin/klist
> fi
> KRB5_KTNAME="${KRB5_KTNAME:-/etc/krb5.keytab}"
> export KRB5_KTNAME
> if test -s "$KRB5_KTNAME" ; then
> if test x"$klist" != x ; then
> if LANG=C klist -k "$KRB5_KTNAME" | tail -n 4 | awk '{print $2}' | grep -q ^"$service"/ ; then
> if ! testasuser "$user" -r ${KRB5_KTNAME:-/etc/krb5.keytab} ; then
> true
> else
> false
> fi
> else
> ================================================
>
> See: if LANG=C klist -k "$KRB5_KTNAME" | tail -n 4 | awk '{print $2}' |
> ===============^^^^^
> s/b ===========$klist
>
> Dan
>
----
Yea ok - I see it too and yes, it appears that you are correct about the
line and probably should put an entry into bugzilla.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the fedora-list
mailing list