(RADIATOR) Radiator using KRB5 on OpenBSD (Authen::Krb5 and Heimdal)
Mike McCauley
mikem at open.com.au
Mon Jun 26 21:48:43 CDT 2006
Hello Roger,
On Tuesday 27 June 2006 06:20, Rogier Krieger wrote:
> Dear list,
>
> While running the final set of tests on a trial version of Radiator,
> I'm having trouble getting Kerberos authentication to work. I believe
> the problem lies with the Authen::Krb5 module. Otherwise, the system
> seems to work fine. For example, authenticating against plain files,
> works nicely.
>
> I suspect the problem lies with Authen::Krb5 not being found.
Your log file confirms this.
> I tried
> using CPAN to obtain it, but it seems to explicitly want MIT Kerberos
> (whereas OpenBSD ships with Heimdal), with Authen::Krb5 subsequently
> failing compilation.
What sort of errors do you see during compilation?
Here I get
Krb5.xs:8:21: error: com_err.h: No such file or directory
In file included from Krb5.xs:9:
but commenting out
//#include <com_err.h>
in Krb5.xs fixes this.
>
> Would you know of another way to get Kerberos authentication to work?
> I tried using modules such as Authen::Krb5::Simple, but -
> unsurprisingly - those don't seem to do the trick. Googling and
> browsing the archives did not yield much OpenBSD/Heimdal related
> material, hence my asking here.
The only way to make AuthBy KRB5 to work is to get Authen-Krb5 to build and
install.
Cheers.
>
> For the sake of completeness, I included the startup messages below
> this message. If my reasoning above is incorrect, feel free to use a
> good clue by four. If I should include more information, please let me
> know.
>
> Cheers,
>
> Rogier Krieger
>
> # tail -fn 50 /var/log/radiator/logfile
> <snip>
> Mon Jun 26 21:49:37 2006: ERR: Could not load AuthBy module
> Radius::AuthKRB5: Can't locate loadable object for module Authen::Krb5
> in @INC (@INC contains: . /usr/libdata/perl5/i386-openbsd/5.8.6
> /usr/local/libdata/perl5/i386-openbsd/5.8.6 /usr/libdata/perl5
> /usr/local/libdata/perl5
> /usr/local/libdata/perl5/site_perl/i386-openbsd
> /usr/libdata/perl5/site_perl/i386-openbsd
> /usr/local/libdata/perl5/site_perl /usr/libdata/perl5/site_perl
> /usr/local/lib/perl5/site_perl .) at
> /usr/local/libdata/perl5/site_perl/Radius/AuthKRB5.pm line 25
> Compilation failed in require at
> /usr/local/libdata/perl5/site_perl/Radius/AuthKRB5.pm line 25, <FILE>
> line 30.
> BEGIN failed--compilation aborted at
> /usr/local/libdata/perl5/site_perl/Radius/AuthKRB5.pm line 25, <FILE>
> line 30.
> Compilation failed in require at (eval 39) line 3, <FILE> line 30.
>
> Mon Jun 26 21:49:37 2006: ERR: Unknown object 'AuthBy' in
> /etc/radiator/radius.cfg line 30
> Mon Jun 26 21:49:37 2006: WARNING: Could not find AuthBy clause with
> Identifier BPkrb5
> Mon Jun 26 21:49:37 2006: DEBUG: Finished reading configuration file
> '/etc/radiator/radius.cfg'
> Mon Jun 26 21:49:37 2006: DEBUG: Reading dictionary file
> '/etc/radiator/db/dictionary'
> Mon Jun 26 21:49:37 2006: DEBUG: Creating authentication port
> 127.0.0.1:1812 Mon Jun 26 21:49:37 2006: DEBUG: Creating accounting port
> 127.0.0.1:1813 Mon Jun 26 21:49:37 2006: DEBUG: Creating authentication
> port 213.189.8.52:1812 Mon Jun 26 21:49:37 2006: DEBUG: Creating accounting
> port 213.189.8.52:1813 Mon Jun 26 21:49:37 2006: NOTICE: Server started:
> Radiator 3.14 on cerberus.bytepark.net (LOCKED)
--
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list