On Fri, 18 Sep 2009, John Marshall wrote: > On Thu, 17 Sep 2009, 21:28 +0300, George Mamalakis wrote: >> Dear all, >> >> I am trying to setup ldap with heimdal on my fbsd 8.0-BETA4 and when I >> run ldapsearch to see if I can authenticate via GSSAPI I keep getting >> the following error: >> >> [root_at_ldap root]# ldapsearch -H "ldap://ldap.example.com/" -b >> "dc=example,dc=com" >> SASL/GSSAPI authentication started >> dlopen: /usr/lib/libgssapi_spnego.so.10: Undefined symbol >> "GSS_C_NT_HOSTBASED_SERVICE" >> ldap_sasl_interactive_bind_s: Local error (-2) >> I don't know if you guys feel like experimenting, but here's what little I know about the heimdal/gssapi setup. When cyrus-sasl2 builds, it uses the little shell script /usr/bin/krb5-config with the args. "--libs gssapi" to get the list of libraries to link against. This doesn't return "-lgssapi_spnego" in the list. (The list can be changed by editting line #96 of /usr/bin/krb5-config.) Nothing seems to link against "-lgssapi_spnego", so it's a mystery to me how it ends up using it? (Maybe others with knowledge on how FreeBSD loads libraries can explain it. The library is listed in /etc/gss/mech.) GSS_C_NT_HOSTBASED_SERVICE is defined in the file gss_names.o in "-lgssapi", which is at the beginning of the list of libraries returned by "krb5-config --libs gssapi". I'm hoping that someone who understands how libraries get loaded can solve the puzzle, but barring that, you could try added "-lgssapi_spnego" to line #96 of /usr/bin/krb5-config in front of "-lgssapi" and see if that gets things to load properly? Not much help, but I don't know how to test this stuff, rickReceived on Fri Sep 18 2009 - 19:32:41 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:55 UTC