Mike Hommey <m...@glandium.org> writes: > On Tue, Mar 31, 2009 at 03:21:02PM +0200, Marco d'Itri <m...@linux.it> wrote:
>> Is there a more elegant way to do this? > > You just don't do it like that, because: > $ ldd /usr/lib/news/bin/auth/passwd/auth_krb5 | grep com_err > libcom_err.so.2 => /lib/libcom_err.so.2 (0xb7f2f000) > > If you don't want to depend on libcomerr2, don't depend on it. It's not > because libkrb5-3 already depends on it that it's a proper thing to > remove the dependency that way. What happens when libkrb5-3 depends on > libcomerr3 ? The fundamental problem is that auth_krb5 is horrible (I say this as the upstream maintainer of the package). It really needs to be rewritten completely against a Kerberos API that isn't 10 years old. There's no reason why it should have to be calling com_err directly with the Kerberos libraries in even lenny. I just haven't had the chance to do that. Also, for most usage situations, one really wants to just use INN's PAM support rather than a Kerberos-only password authenticator and configure nnrpd to use pam_krb5. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
