On Thu, Jun 16, 2005 at 03:44:41PM +0200, Jeremie Koenig wrote: > I got no luck lately and managed to make ssh-krb5 fail due to library > linkage weirdness. It took me ages to figure out what was going on! > (I learnt alot on the way, however.) > > To reproduce the breakage: > 1. install libsasl2-modules-gssapi-heimdal, libnss-ldap and ssh-krb5 > (something else linked against libkrb53 may "work" as well); > 2. configure /etc/nsswitch.conf to use ldap for some lookups; > 3. configure /etc/ldap/ldap.conf or ~/.ldaprc to use SASL > authentication.
Actually this is all crap, the libraries are fine. Sorry everybody for the noise, especially Russ for the extra wasted brain and finger cycles. Here's what happens if you wonder: the real problem is that libkrb53 recognizes comments only when # is the first character of a line, while heimdal libraries allows some leading whitespace. The heimdal plugin is much appropriately loaded via dlopen without the RTLD_GLOBAL flag and its namespace is disjoint from the main one. The name service switch probably does something similar with libnss-ldap, so we may even have two levels of isolation. Besides, the libraries are used for two completely different things. I'm still not completely understanding how I have been able to come up with this library clash "evidence" (maybe I just needed a culprit.) The sensible thing I'm going to do now is reporting a wishlist bug against libkrb53 to tolerate whitespace and a minor one against ssh-krb5 for the crappy debug lines. -- Jeremie Koenig <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
