Problem with /etc/init.d/ldap?

Daniel B. Thurman dant at cdkkt.com
Sun Nov 20 19:22:39 UTC 2005 

>From: fedora-list-bounces at redhat.com
>[mailto:fedora-list-bounces at redhat.com]On Behalf Of Tony Nelson
>Sent: Saturday, November 19, 2005 7:49 PM
>To: fedora-list at redhat.com
>Subject: RE: Problem with /etc/init.d/ldap?
>
>
>At 12:58 PM -0800 11/19/05, Daniel B. Thurman wrote:
>
>>>>>>Did you say "export KRB5_KTNAME=FILE:/etc/openldap/ldap.keytab"?
>
>>>>6 export KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"
>
>>>Not too carefully.  Note your use of " in 6, and compare with
>>>what he wrote.
>
>>Tony, I have no idea what you are talking about...
> ...
>
>Look harder.  Compare what he wrote with what you show in 6.  
>Keep looking
>until you see it.
>____________________________________________________________________
>TonyN.:'                       <mailto:tonynelson at georgeanelson.com>
>      '                              <http://www.georgeanelson.com/>
>


You mean:

"export KRB5_KTNAME=FILE:/etc/openldap/ldap.keytab"
 export KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"
^-------------------^-----------------------------^^
The difference with the double-quotes placed on the outside,
i.e the entire string as opposed to double-quotes placed only
on the RHS of the '='?

I have tried both of these and it does not work either.

BTW: read http://www.openldap.org/faq/data/cache/630.html

It says:

Now you have to tell slapd (well, actually tell the gssapi
library in Kerberos 5 that is invoked by Cyrus SASL) where 
to find the new keytab. You do this by setting the environment
variable KRB5_KTNAME like this: 

export KRB5_KTNAME="FILE:/etc/openldap/ldap.keytab"

Set that environment variable on the slapd start script
(RedHat users might find /etc/sysconfig/ldap a perfect place). 

Also - if you look at the /etc/init.d/ldap script, it uses
a bash sourcing command, (. /etc/sysconfig/ldap) which means
that it will execute the contents of /etc/sysconfig/ldap so
that all bash-commands will be executed.  So the double-quotes
IMHO are really not necessary nor needed except that the 'FILE:'
part, I am not sure.  As I said in my last posting, that it
appears that with or without the used of 'FILE:' makes no
difference in my temporary script.  I am guessing that this
is probably parsed somewhere.

The script is hosed IMHO and I was told to bugzilla it.

Dan
Dan

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.4/175 - Release Date: 11/18/2005

More information about the fedora-list mailing list