Erik <erik.hal...@gmail.com> writes: > The systemd krb5-admin-server.service file is missing the critical > directory /etc/krb5kdc used by kadmind in the ReadWriteDirectories > stanza. The kerberose default database location is created under > /etc/krb5kdc.
Er, it certainly shouldn't be. The Kerberos KDC database goes under /var/lib/krb5kdc. Is there some new bug here? > Attempting to use kadmin to add a kerberos principal will receive > the following error at the kadmin prompt: > kadmin: add_principal -randkey host/somehost > ... > add_principal: Insufficient access to lock database while creating > "host/someh...@example.com". > Workaround: > 1) Add /etc/krb5kdc to the ReadWriteDirectories stanza. > 2) Restart krb5-admin-server systemd service. And that makes that error message go away? Hrm. I wonder what file is being locked. Are you sure that your database is in /etc/krb5kdc? It's a file named principal. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
