Package: help
Version: krb5-admin-server
Severity: grave
When configuring custom logging in /etc/krb5.conf,
xrb5 services are unable to write to these log files as they are not
permitted in the service configuration used by systemd
Having a logging configuration like
[logging]
kdc = FILE:/var/log/krb5/kdc.log
admin_server = FILE:/var/log/krb5/kadmin.log
default = FILE:/var/log/krb5/kadmin.log
in the /etc/krb5.conf configuration file, it will prevent both the
services krb5-admin-server and krb5-kdc from working correctly as these
services are not permitted to write to these locations as per the
default systemd service descriptors.
Symptons of this problem are for example if your add a (user) principle
to the database using kadmin.local, it will create the principal as
expected. Now, when using kadmin -p principal you will be able to log in
and use the administrative console.
If you reboot or restart the respective services, kadmin -p principal
will fail due to both krb5-admin-server and krb5-kdc being unable to
write to their log files.
The same is true if you add that principal and try to kadmin -p admin
and then try to add for example a host principal. The then presented
error message is unrelated to actual error, namely it being unable to
write to its log files.
I don't know how to fix this with the current systemd. Any hints?
Please note that this applies to both testing/sid and I need it to be
fixed on testing aka jessie.
TIA!
-- System Information:
Debian Release: 8.0
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
