FYI, the git repository has been reorganized now that upstream has
moved to git.
See experimental branch of
git://git.debian.org/git/pkg-k5-afs/debian-krb5-2013.git
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in Ubuntu.
FYI, the git repository has been reorganized now that upstream has
moved to git.
See experimental branch of
git://git.debian.org/git/pkg-k5-afs/debian-krb5-2013.git
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Bug watch added: krbdev.mit.edu/rt/ #7135
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7135
** Also affects: kerberos via
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7135
Importance: Unknown
Status: Unknown
** Also affects: krb5 (Ubuntu)
Importance: Undecided
** Bug watch added: krbdev.mit.edu/rt/ #7135
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7135
** Also affects: kerberos via
http://krbdev.mit.edu/rt/Ticket/Display.html?id=7135
Importance: Unknown
Status: Unknown
** Also affects: krb5 (Ubuntu)
Importance: Undecided
take a look at upstream commit 6e83d0bd31721ac86003530dd2450221dd05d0c2
These functions were added later and were used by a Mac-specific project
that had a different export list. I'm fairly sure this is simply an
upstream bug and the symbols should be exported.
--
You received this bug
take a look at upstream commit 6e83d0bd31721ac86003530dd2450221dd05d0c2
These functions were added later and were used by a Mac-specific project
that had a different export list. I'm fairly sure this is simply an
upstream bug and the symbols should be exported.
--
You received this bug
Old stash files are in fact byte order and probably but I'm not sure
word size dependent. Look at the add_mkey command to kdb5_util. I
think if you add a new master key and write it out to a new keytab
format stash file then all should be well.
If the database was created with 1.9.1 then I
Old stash files are in fact byte order and probably but I'm not sure
word size dependent. Look at the add_mkey command to kdb5_util. I
think if you add a new master key and write it out to a new keytab
format stash file then all should be well.
If the database was created with 1.9.1 then I
I suspect that you have a version of libgssapi-krb5-2 different than
libkrb5-dbg
can you try
aptitude reinstall libgssapi-krb5-2 libkrb5-dbg and see if the messages
change?
status incomplete
importance low
** Changed in: krb5 (Ubuntu)
Importance: Undecided = Low
** Changed in: krb5
OK, setting your status back to new.
I don't have permission to propose an upload to lucid to fix this.
status new
** Changed in: krb5 (Ubuntu)
Status: Incomplete = New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5
I suspect that you have a version of libgssapi-krb5-2 different than
libkrb5-dbg
can you try
aptitude reinstall libgssapi-krb5-2 libkrb5-dbg and see if the messages
change?
status incomplete
importance low
** Changed in: krb5 (Ubuntu)
Importance: Undecided = Low
** Changed in: krb5
OK, setting your status back to new.
I don't have permission to propose an upload to lucid to fix this.
status new
** Changed in: krb5 (Ubuntu)
Status: Incomplete = New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I'd definitely take a look at what hostname --fqdn returns on all the
machines.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/913166
Title:
kprop will not find slave-kdc
To manage
I'd definitely take a look at what hostname --fqdn returns on all the
machines.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/913166
Title:
kprop will not find slave-kdc
To manage notifications
Micah == Micah Gersten launch...@micahscomputing.com writes:
Micah This is due to this bug in Debian:
Micah http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=650541
Micah Apparently a private symbol somehow was exported and ended up
Micah breaking upgrades to the new krb5, so
Micah == Micah Gersten launch...@micahscomputing.com writes:
Micah This is due to this bug in Debian:
Micah http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=650541
Micah Apparently a private symbol somehow was exported and ended up
Micah breaking upgrades to the new krb5, so
Russ, I thought that they were listed in the admin info pages too.
however, while I see a bunch of examples, searching for the string hmac
in the sources to the admin guide, I don't actually find a complete list
of the encryption types anywhere.
Am I missing something?
--
You received this bug
They are in fact in support-enc.texinfo.
OK.
So, to the extent there is a bug it's that kdc.conf's manpage doesn't
tell you to go look at the admin guide.
I don't think we want to duplicate the information.
--
You received this bug notification because you are a member of Ubuntu
Server Team,
J == J Sadler 900...@bugs.launchpad.net writes:
J You may want to reconsider adding it to kdc.conf's man page. I
J don't believe that in a normal client install that you would get
J the admin guide. Don't you only get it if you install the admin
J packages?
1) It's in
Russ, I thought that they were listed in the admin info pages too.
however, while I see a bunch of examples, searching for the string hmac
in the sources to the admin guide, I don't actually find a complete list
of the encryption types anywhere.
Am I missing something?
--
You received this bug
They are in fact in support-enc.texinfo.
OK.
So, to the extent there is a bug it's that kdc.conf's manpage doesn't
tell you to go look at the admin guide.
I don't think we want to duplicate the information.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
J == J Sadler 900...@bugs.launchpad.net writes:
J You may want to reconsider adding it to kdc.conf's man page. I
J don't believe that in a normal client install that you would get
J the admin guide. Don't you only get it if you install the admin
J packages?
1) It's in
** Bug watch added: Debian Bug tracker #631106
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631106
** Also affects: krb5 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631106
Importance: Unknown
Status: Unknown
--
You received this bug notification because you
*** This bug is a duplicate of bug 874130 ***
https://bugs.launchpad.net/bugs/874130
** This bug has been marked a duplicate of bug 874130
Canonicalize fallback only works for different realm (MITKRB RT #6917)
--
You received this bug notification because you are a member of Ubuntu
** Bug watch added: Debian Bug tracker #631106
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631106
** Also affects: krb5 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631106
Importance: Unknown
Status: Unknown
--
You received this bug notification because you
*** This bug is a duplicate of bug 874130 ***
https://bugs.launchpad.net/bugs/874130
** This bug has been marked a duplicate of bug 874130
Canonicalize fallback only works for different realm (MITKRB RT #6917)
--
You received this bug notification because you are a member of Ubuntu
Bugs,
Tom == Tom Yu t...@mit.edu writes:
Tom This bug originates from a Debian patch to krb5-1.8 that adds
Tom IPv6 support to kpropd. The Debian version of krb5-1.9 doesn't
Tom have this problem. It is probably not difficult to fix Debian's
Tom krb5-1.8 patch, but this should probably
Tom == Tom Yu t...@mit.edu writes:
Tom This bug originates from a Debian patch to krb5-1.8 that adds
Tom IPv6 support to kpropd. The Debian version of krb5-1.9 doesn't
Tom have this problem. It is probably not difficult to fix Debian's
Tom krb5-1.8 patch, but this should probably
So, fixing this particular bug in krb5-rsh-server is almost certainly
relatively easy. Fixing krb5-rsh-server to use PAM directly is more
involved; it should be done, but there is not a lot of resources going
into krb5-rsh-server and krb5-clients at the moment. Upstream split
these into the
So, fixing this particular bug in krb5-rsh-server is almost certainly
relatively easy. Fixing krb5-rsh-server to use PAM directly is more
involved; it should be done, but there is not a lot of resources going
into krb5-rsh-server and krb5-clients at the moment. Upstream split
these into the
The problem is far deeper than the socket binding. The gssrpc library
doesn't support v6 at all in this version of krb5. Fixed in 1.9.
** Also affects: krb5 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624710
Importance: Unknown
Status: Unknown
--
You received this
The problem is far deeper than the socket binding. The gssrpc library
doesn't support v6 at all in this version of krb5. Fixed in 1.9.
** Also affects: krb5 (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624710
Importance: Unknown
Status: Unknown
--
You received this
I suspect what's going on here is that when
krb5_get_init_creds_set_out_ccache was added
the error reporting was bad.
I will attempt to look at this if no one gets there sooner.
take a look at the handling of out_ccahe in
src/lib/krb5/krb/get_in_tkt.c
--
You received this bug notification
I suspect what's going on here is that when
krb5_get_init_creds_set_out_ccache was added
the error reporting was bad.
I will attempt to look at this if no one gets there sooner.
take a look at the handling of out_ccahe in
src/lib/krb5/krb/get_in_tkt.c
--
You received this bug notification
** Changed in: krb5 (Ubuntu)
Status: New = In Progress
** Changed in: krb5 (Ubuntu)
Assignee: (unassigned) = Sam Hartman (hartmans)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in ubuntu.
https://bugs.launchpad.net
This bug is being fixed for Debian; I hope to get into a squeeze update.
Note that Ubuntu probably wants all the other things in the upcoming
1.8.3+dfsg-5 stable Debian update.
However I'm attaching the two patches for this issue.
--
You received this bug notification because you are a member
This bug is being fixed for Debian; I hope to get into a squeeze update.
Note that Ubuntu probably wants all the other things in the upcoming
1.8.3+dfsg-5 stable Debian update.
However I'm attaching the two patches for this issue.
** Patch added: 0001-ticket-6876.patch
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616728
Importance: Unknown
Status: Unknown
** Changed in: krb5 (Ubuntu)
Status: In Progress = Fix Committed
** Changed in: krb5 (Ubuntu)
Assignee: Sam Hartman (hartmans) = (unassigned)
--
You received this bug notification
** Changed in: krb5 (Ubuntu)
Status: New = In Progress
** Changed in: krb5 (Ubuntu)
Assignee: (unassigned) = Sam Hartman (hartmans)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/723840
This bug is being fixed for Debian; I hope to get into a squeeze update.
Note that Ubuntu probably wants all the other things in the upcoming
1.8.3+dfsg-5 stable Debian update.
However I'm attaching the two patches for this issue.
--
You received this bug notification because you are a member
This bug is being fixed for Debian; I hope to get into a squeeze update.
Note that Ubuntu probably wants all the other things in the upcoming
1.8.3+dfsg-5 stable Debian update.
However I'm attaching the two patches for this issue.
** Patch added: 0001-ticket-6876.patch
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616728
Importance: Unknown
Status: Unknown
** Changed in: krb5 (Ubuntu)
Status: In Progress = Fix Committed
** Changed in: krb5 (Ubuntu)
Assignee: Sam Hartman (hartmans) = (unassigned)
--
You received this bug notification
Mark == Mark Deneen 715...@bugs.launchpad.net writes:
Mark I built 1.8.3 from the natty source package, but the problem
Mark still exists in that version.
If you're comfortable trying a package out of my PPA (I'm the Debian
krb5 maintainer and a member of the upstream core team)
Take a
Mark == Mark Deneen 715...@bugs.launchpad.net writes:
Mark Sam, I'll give it a shot. -- You received this bug
Mark notification because you are subscribed to krb5 in ubuntu.
Mark https://bugs.launchpad.net/bugs/715579
I'm sorry I asked you to do this.
I didn't see your note that
Mark == Mark Deneen 715...@bugs.launchpad.net writes:
Mark I built 1.8.3 from the natty source package, but the problem
Mark still exists in that version.
If you're comfortable trying a package out of my PPA (I'm the Debian
krb5 maintainer and a member of the upstream core team)
Take a
Mark == Mark Deneen 715...@bugs.launchpad.net writes:
Mark Sam, I'll give it a shot. -- You received this bug
Mark notification because you are subscribed to krb5 in ubuntu.
Mark https://bugs.launchpad.net/bugs/715579
I'm sorry I asked you to do this.
I didn't see your note that
I'm not against including a patch in the Debian package to reduce Ubuntu
deltas. I want to make sure that things continue to work if inserv is
used as that's where Debian is going. If we can preserve that, I think
that having a patch mostly intended for Ubuntu is fine.
--
You received this bug
I'm not against including a patch in the Debian package to reduce Ubuntu
deltas. I want to make sure that things continue to work if inserv is
used as that's where Debian is going. If we can preserve that, I think
that having a patch mostly intended for Ubuntu is fine.
--
You received this bug
This bug also exists in Debian; here's a patch I'll upload in a future
Debian krb5 version that will eventually make its way into Ubuntu.
** Patch added:
0001-Fix-default-location-of-kpropd.acl-in-kpropd.M-LP-68.patch
This bug also exists in Debian; here's a patch I'll upload in a future
Debian krb5 version that will eventually make its way into Ubuntu.
** Patch added:
0001-Fix-default-location-of-kpropd.acl-in-kpropd.M-LP-68.patch
In Debian unstable installing krb5-kdxc-ldap automatically changes the
order. This could be backported.
Clint Byrum cl...@fewbar.com wrote:
Since both services may depend on the other in ways that will break, we
can only support a default configuration.
The server guide currently does not have
In Debian unstable installing krb5-kdxc-ldap automatically changes the
order. This could be backported.
Clint Byrum cl...@fewbar.com wrote:
Since both services may depend on the other in ways that will break, we
can only support a default configuration.
The server guide currently does not have
My guess is that the DES only checkbox is checked in your AD
configuration for the service account used by the Apache server. If you
clear that checkbox and generate a keytab including both RC4 and DES
keys then I suspect allow_weak_crypto will not be needed.
I'm sorry, but I do not have
My guess is that the DES only checkbox is checked in your AD
configuration for the service account used by the Apache server. If you
clear that checkbox and generate a keytab including both RC4 and DES
keys then I suspect allow_weak_crypto will not be needed.
I'm sorry, but I do not have
Thierry == Thierry Carrez thierry.car...@ubuntu.com writes:
Thierry @Sam: let me know if you feel comfortable applying that
Thierry patch now. Once it's fixed in sid/maverick, I'll push a SRU
Thierry for lucid.
Sure. I will attempt to get to it this weekend.
Anything you want me to
Thierry == Thierry Carrez thierry.car...@ubuntu.com writes:
Thierry @Sam: let me know if you feel comfortable applying that
Thierry patch now. Once it's fixed in sid/maverick, I'll push a SRU
Thierry for lucid.
Sure. I will attempt to get to it this weekend.
Anything you want me to
Gerald == Gerald Carter je...@plainjoe.org writes:
Gerald I think Sam is wanting to know if likewise has submitted the
Gerald patch to upstream MIT krb5. If that is the case, I'll check
Gerald on the state of things and update the bug report.
That is. Early on you mentioned you
Gerald == Gerald Carter je...@plainjoe.org writes:
Gerald I think Sam is wanting to know if likewise has submitted the
Gerald patch to upstream MIT krb5. If that is the case, I'll check
Gerald on the state of things and update the bug report.
That is. Early on you mentioned you
So, it's my understanding that we're still waiting for a confirmation
that this patch has been submitted upstream and for an upstream review
of the patch, right?
--
likewise-open fails to join Windows 2000 SP4 domain
https://bugs.launchpad.net/bugs/551901
You received this bug notification
J == J Bruce Fields bfie...@fieldses.org writes:
J We're adding an API to krb5 to fix this for OpenAFS. Because of
J the way the API is constructed, it's very difficult for GSSD to
J actually call it.
J Do you have a pointer to the details?
/* Allows the appplication to
J == J Bruce Fields bfie...@fieldses.org writes:
J We're adding an API to krb5 to fix this for OpenAFS. Because of
J the way the API is constructed, it's very difficult for GSSD to
J actually call it.
J Do you have a pointer to the details?
/* Allows the appplication to
jean-yves == jean-yves chateaux jean-
yves.chate...@sagemcom.com writes:
If Allow_weak_crypto = true is making things work better with
Windows,
jean-yves something is broken somewhere else to cause this.
jean-yves Without this parameter in krb5.conf the auth against the
jean-yves == jean-yves chateaux jean-
yves.chate...@sagemcom.com writes:
If Allow_weak_crypto = true is making things work better with
Windows,
jean-yves something is broken somewhere else to cause this.
jean-yves Without this parameter in krb5.conf the auth against the
The Kerberos Consortium has a paper on integrating Kerberos into an
application; see http://www.kerberos.org/software/appskerberos.pdf .
I believe that the lucid behavior is correct according to MIT's
documentation: what should be happening is that
* with rdns=true (default), both forward and
Well, everything should work fine if you make your DNS consistent.
Honestly if I was going to make a behavior change here I'd have Firefox
call gss_import_name with a name type that does not involve resolution.
--Sam
--
krb5 prefers the reverse pointer no matter what for locating service
Jesper == Jesper Krogh jes...@krogh.cc writes:
Jesper Hi Russ. I cannot say anything about what other are
Jesper Would a patch that makes the behaviour configurable be
Jesper acceptable?
I think that this patch should be accepted only if upstream is
interested in the patch. Given
In terms of work arounds, if your KDC is an AD KDc, you can add the
final hostnames as ServicePrincipalName attributes on AD for the account
in question. That should make things work either for a Windows server
or for a 1.7+ MIT server.
If your KDC is Unix you can add principals for the final
Try setting rdns=false in the libdefaults section of krb5.conf.
--
krb5 prefers the reverse pointer no matter what for locating service tickets.
https://bugs.launchpad.net/bugs/571572
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
The Kerberos Consortium has a paper on integrating Kerberos into an
application; see http://www.kerberos.org/software/appskerberos.pdf .
I believe that the lucid behavior is correct according to MIT's
documentation: what should be happening is that
* with rdns=true (default), both forward and
Well, everything should work fine if you make your DNS consistent.
Honestly if I was going to make a behavior change here I'd have Firefox
call gss_import_name with a name type that does not involve resolution.
--Sam
--
krb5 prefers the reverse pointer no matter what for locating service
In terms of work arounds, if your KDC is an AD KDc, you can add the
final hostnames as ServicePrincipalName attributes on AD for the account
in question. That should make things work either for a Windows server
or for a 1.7+ MIT server.
If your KDC is Unix you can add principals for the final
Jesper == Jesper Krogh jes...@krogh.cc writes:
Jesper Hi Russ. I cannot say anything about what other are
Jesper Would a patch that makes the behaviour configurable be
Jesper acceptable?
I think that this patch should be accepted only if upstream is
interested in the patch. Given
jean-yves == jean-yves chateaux jean-
yves.chate...@sagemcom.com writes:
jean-yves The errors are the results of MIT resolution to exclude
jean-yves DES/DES3 from the supported enctypes (security reasons).
jean-yves The parameter allow_weak_crypto = true should be added
jean-yves
jean-yves == jean-yves chateaux jean-
yves.chate...@sagemcom.com writes:
jean-yves The errors are the results of MIT resolution to exclude
jean-yves DES/DES3 from the supported enctypes (security reasons).
jean-yves The parameter allow_weak_crypto = true should be added
jean-yves
Mathias == Mathias Gug math...@ubuntu.com writes:
Mathias To really make sure things are not broken, we'd have to
Mathias look at packages started to use krb5_init_creds_step in
Mathias lucid and make sure they're using the flags in the correct
Mathias order.
Yes, but I think
I don't see a upstream krb5 bug for this issue.
I would recommend against applying this patch until someone familiar
with the SPNEGO security model and the code has evaluated it.
Basically, certain versions of Windows produce bad SPNEGO tokens. It's
appropriate to ignore these in some
As best I can tell, the behavior of the patch is explicitly forbidden by
RFC 4178 section 5; see II under clause B and C. However, I'll admit
that the behavior described in Appendix C does not seem consistent with
what I remember for Windows 2000... Perhaps that's only the Windows
behavior for
OK, here's where this stands.
We've been discussing on #krbdev, the upstream krb5 IRC channel.
We agree that ignoring a MIC token that is an exact copy of the response
token is security neutral and it looks like both upstream and I are
comfortable making a change to do that even though it seems to
Mathias == Mathias Gug math...@ubuntu.com writes:
Mathias To really make sure things are not broken, we'd have to
Mathias look at packages started to use krb5_init_creds_step in
Mathias lucid and make sure they're using the flags in the correct
Mathias order.
Yes, but I think
I don't see a upstream krb5 bug for this issue.
I would recommend against applying this patch until someone familiar
with the SPNEGO security model and the code has evaluated it.
Basically, certain versions of Windows produce bad SPNEGO tokens. It's
appropriate to ignore these in some
As best I can tell, the behavior of the patch is explicitly forbidden by
RFC 4178 section 5; see II under clause B and C. However, I'll admit
that the behavior described in Appendix C does not seem consistent with
what I remember for Windows 2000... Perhaps that's only the Windows
behavior for
OK, here's where this stands.
We've been discussing on #krbdev, the upstream krb5 IRC channel.
We agree that ignoring a MIC token that is an exact copy of the response
token is security neutral and it looks like both upstream and I are
comfortable making a change to do that even though it seems to
even at this point in the process.
Changelog entries since current lucid version 1.8+dfsg~alpha1-7ubuntu1:
krb5 (1.8.1+dfsg-2) unstable; urgency=high
* Fix crash in renewal and validation, Thanks Joel Johnson for such a
prompt bug report, Closes: #577490
-- Sam Hartman hartm
even at this point in the process.
Changelog entries since current lucid version 1.8+dfsg~alpha1-7ubuntu1:
krb5 (1.8.1+dfsg-2) unstable; urgency=high
* Fix crash in renewal and validation, Thanks Joel Johnson for such a
prompt bug report, Closes: #577490
-- Sam Hartman hartm
I't my strong guess that no packages in debian outside of krb5 itself
depend on the init_creds_step API, and that is very probably true for
Ubuntu as well. That's one of the main reasons upstream wants to fix it
now: we believe we can do it painlessly if we act before Debian, Ubuntu,
Redhat or
As Debian maintiner I strongly support this sync request. There are
additional upstream fixes that you can examine from the Debian git
repository. All of these will be included in upstream 1.8. Upstream is
quite conservative about what changes are approved at this point in the
process.
--
As Debian maintiner I strongly support this sync request. There are
additional upstream fixes that you can examine from the Debian git
repository. All of these will be included in upstream 1.8. Upstream is
quite conservative about what changes are approved at this point in the
process.
--
for unstable or simply
wait for this to hit testing and do an automatic sync.
Attached is the Debian patch for this issue:
commit 2a663b1c184ec10a450b2709bb7525447bb99bac
Author: Sam Hartman hartm...@debian.org
Date: Fri Jan 22 17:13:51 2010 -0500
subject: krb5int_fast_free_state segfaults if state
for unstable or simply
wait for this to hit testing and do an automatic sync.
Attached is the Debian patch for this issue:
commit 2a663b1c184ec10a450b2709bb7525447bb99bac
Author: Sam Hartman hartm...@debian.org
Date: Fri Jan 22 17:13:51 2010 -0500
subject: krb5int_fast_free_state segfaults if state
Russ == Russ Allbery r...@debian.org writes:
Russ Jochen jradmac...@gmx.de writes:
After upgrading the krb5 libraries to 1.8 I could not mount my
Kerberized NFS4 shares. The following error Message is in the
syslog for every mount attempt:
rpc.gssd[1298]: rpcsec_gss:
Russ == Russ Allbery r...@debian.org writes:
Russ Jochen jradmac...@gmx.de writes:
After upgrading the krb5 libraries to 1.8 I could not mount my
Kerberized NFS4 shares. The following error Message is in the
syslog for every mount attempt:
rpc.gssd[1298]: rpcsec_gss:
See R23482 in upstream subversion; upstream bug 6594
--
credentials cache file not created
https://bugs.launchpad.net/bugs/507490
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in ubuntu.
--
Ubuntu-server-bugs mailing list
See R23482 in upstream subversion; upstream bug 6594
--
credentials cache file not created
https://bugs.launchpad.net/bugs/507490
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
Colin == Colin Whittaker co...@netech.ie writes:
Colin I built new packages based on Evan's debdiff and have
Colin deployed them. This removed all the impact we were seeing
Colin with single password errors causing account lockout.
Colin This bug has massive impact on user
Colin == Colin Whittaker co...@netech.ie writes:
Colin I built new packages based on Evan's debdiff and have
Colin deployed them. This removed all the impact we were seeing
Colin with single password errors causing account lockout.
Colin This bug has massive impact on user
I released 1.7+dfsg-3 to Debian unstable. That includes a fix to this
bug. I'd recommend that Ubuntu sync that version into a karmic update
once it hits squeeze in order to address this issue. The code changes
between what's in karmic now and 1.7+dfsg-3 are all reasonably
important bug fixes
Evan == Evan Broder bro...@mit.edu writes:
Evan This shouldn't be a problem. We're still in sync phase for
Evan Ubuntu Lucid, so the new krb5 package will get automatically
Evan pulled in when it hits Debian testing.
I understand that. The user proposed and I agree at least that
Evan == Evan Broder bro...@mit.edu writes:
Evan I think the patch is a little extensive to be directly
Evan uploaded as a Karmic SRU, but I'll look at pulling a SRU
Evan patch together for just the bugfixes.
If you don't want to take the full patch, then take a look at
I released 1.7+dfsg-3 to Debian unstable. That includes a fix to this
bug. I'd recommend that Ubuntu sync that version into a karmic update
once it hits squeeze in order to address this issue. The code changes
between what's in karmic now and 1.7+dfsg-3 are all reasonably
important bug fixes
Evan == Evan Broder bro...@mit.edu writes:
Evan This shouldn't be a problem. We're still in sync phase for
Evan Ubuntu Lucid, so the new krb5 package will get automatically
Evan pulled in when it hits Debian testing.
I understand that. The user proposed and I agree at least that
101 - 200 of 219 matches
Mail list logo
