Re: SASL problems with spnego on 8.0-BETA4

From: Sam Leffler <sam_at_freebsd.org>
Date: Fri, 18 Sep 2009 23:46:31 +0100
Rick Macklem wrote:
> 
> 
> On Fri, 18 Sep 2009, John Marshall wrote:
> 
>> On Thu, 17 Sep 2009, 21:28 +0300, George Mamalakis wrote:
>>> Dear all,
>>>
>>> I am trying to setup ldap with heimdal on my fbsd 8.0-BETA4 and when I
>>> run ldapsearch to see if I can authenticate via GSSAPI I keep getting
>>> the following error:
>>>
>>> [root_at_ldap root]# ldapsearch  -H "ldap://ldap.example.com/" -b
>>> "dc=example,dc=com"
>>> SASL/GSSAPI authentication started
>>> dlopen: /usr/lib/libgssapi_spnego.so.10: Undefined symbol
>>> "GSS_C_NT_HOSTBASED_SERVICE"
>>> ldap_sasl_interactive_bind_s: Local error (-2)
>>>
> I don't know if you guys feel like experimenting, but here's what little
> I know about the heimdal/gssapi setup.
> 
> When cyrus-sasl2 builds, it uses the little shell script
> /usr/bin/krb5-config with the args. "--libs gssapi" to get the list of
> libraries to link against. This doesn't return "-lgssapi_spnego" in the
> list. (The list can be changed by editing line #96 of
> /usr/bin/krb5-config.)
> 
> Nothing seems to link against "-lgssapi_spnego", so it's a mystery to
> me how it ends up using it? (Maybe others with knowledge on how FreeBSD
> loads libraries can explain it. The library is listed in /etc/gss/mech.)
> 
> GSS_C_NT_HOSTBASED_SERVICE is defined in the file gss_names.o in
> "-lgssapi", which is at the beginning of the list of libraries returned
> by "krb5-config --libs gssapi".
> 
> I'm hoping that someone who understands how libraries get loaded can
> solve the puzzle, but barring that, you could try adding "-lgssapi_spnego"
> to line #96 of /usr/bin/krb5-config in front of "-lgssapi" and see if that
> gets things to load properly?
> 
> Not much help, but I don't know how to test this stuff, rick

FWIW I hit the same problem (I think) with cyrus imap and saslauthd.  I
am running HEAD and tried building w/ and w/o kerberos enabled but
cyradm aborts on startup complaining about the missing symbol.  I
started digging because I couldn't get cyrus imap to authenticate users.
Feels like one or more of these ports are busted.

	Sam
Received on Fri Sep 18 2009 - 20:46:48 UTC
