Each time krb5 is started, I get: ---- Starting Kerberos administrative server kadmindkadmind: Cannot open /var/lib/krb5kdc/kadm5.acl: No such file or directory while initializing ACL file, aborting ---- The kadamind daemon is therefore not started.
There are several possibilities if we not want to configure acl's: a) add acl_file = "" under the <EXAMPLE.ORG> realm in /etc/krb5.conf This has two drawbacks: (i) the 'acl_file =' should be present only on the kdc host, while an user might copy krb5.conf to a client host. (ii) if an user later creates an acl file, he/she may wonder why it is not taken into account. b) create a file /var/lib/krb5kdc/kdc.conf, containing: [realms] <EXAMPLE.ORG> = { acl_file = "" } Drawback: new file. But normally kdc.conf is only present on the KDC host. c) create an empty /var/lib/krb5kdc/kadm5.acl Advantage: this file can be augmented later. But needs an explanation in the book I think I'd slightly prefer c). Pierre -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page