Thierry Lacoste --> netbsd-help (2005-06-28 11:45:19 +0200):
> $ httpd -v
> Server version: Apache/1.3.33 (Unix)
> Server built: Jun 20 2005 22:26:06
[...]
> I downloaded mod_auth_kerb-5.0-rc6.tar.gz from
> http://sourceforge.net/project/showfiles.php?group_id=51775
Same here.
> $ tar -xvzf mod_auth_kerb-5.0-rc6.tar.gz
> $ cd mod_auth_kerb-5.0-rc6
> $ ./configure
[...]
> checking for krb5_init_context in -lkrb5... yes
> checking whether we are using Heimdal... no
[...]
> Well the line 'checking whether we are using Heimdal... no'
> doesn't sound good.
Indeed.
> I tried to set --with-krb5 but I didn't find any satisfying value.
Reading the notes I wrote down when installing mod_auth_krb5, I see now that
I created a krb5-config script and put it to /usr/bin (some software expect
it to be there...). Unfortunately NetBSD doesn't ship with such a file by
default, but you can easily build it from src/crypto/dist/heimdal/tools. The
script I'm using is attached.
Additionally, because I store the webserver's principal in a separate keytab
file, I needed to apply a patch to mod_auth_kerb's src/mod_auth_kerb.c to
make httpd read the keytab defined by `Krb5Keytab' and not the system keytab.
This patch (and another patch to fix 'make clean') is attached as well.
After patching mod_auth_kerb-5.0-rc6 with the attached patches, running
$ ./configure --prefix=/usr/local --without-krb4 \
--with-krb5=/usr --with-apache=/usr/pkg
$ make
$ sudo make install
should work fine.
HTH, Jukka
--
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~
krb5-config
Description: Text document
ktname.patch
Description: Text document
makefile_rm.patch
Description: Text document
|