KCM examples?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

KCM examples?

Lars Kellogg-Stedman
Does anyone have some examples of configuring and using KCM?  I
haven't been able to get it to work.  With KRB5CCNAME set to KCM:$UID,
programs are obviously connecting to KCM, but always end up with an
error:

  Credentials cache I/O operation failed XXX

kcm is logging to /var/log/kcmd.log, and the log entries look like this:

  2005-11-07T08:57:20 sendmsg(5648): 5082748 ^M,
  2005-11-07T08:57:20 sendmsg(5648): 5082748 ^M,
  2005-11-07T08:57:20 sendmsg(5648): 5082748 ^M,

Thanks,

-- Lars

Reply | Threaded
Open this post in threaded view
|

Re: KCM examples?

Dave Love
Lars Kellogg-Stedman <[hidden email]> writes:

> Does anyone have some examples of configuring and using KCM?

On GNU/Linux, you can test it with something like:

  $ sudo /usr/heimdal/libexec/kcm --detach
  $ export KRB5CCNAME=KCM:`id -u`
  $ kinit
  $ klist
 
and klist shows:

  Credentials cache: KCM:...

I thought it was working for me on Solaris pre-release, but I get a
broken pipe error when I try it now.

> I haven't been able to get it to work.  With KRB5CCNAME set to
> KCM:$UID, programs are obviously connecting to KCM, but always end
> up with an error:
>
>   Credentials cache I/O operation failed XXX

That's symptomatic of not connecting (successfully), isn't it?

[Configuring with --enable-kcm only works on some systems, and doesn't
warn you if the system doesn't support one of the mechanisms it
requires.  I promised to contribute configury in that area but never
finished it; perhaps I should...]
Reply | Threaded
Open this post in threaded view
|

Re: KCM examples?

Lars Kellogg-Stedman
In reply to this post by Lars Kellogg-Stedman
> this very much looks like a bug that has been fixed in the very recent
> heimdal-0.7* snapshots. The isolated patch is also at:
> http://samba.org/~gd/patches/heimdal-kcm-0.7.diff

That fixed it.  Thanks!

--
Lars Kellogg-Stedman <[hidden email]>