On Mon, Feb 05, 2007 at 03:12:17PM +1100, Brian May wrote: > >>>>> "jrodman" == jrodman <[EMAIL PROTECTED]> writes: > > jrodman> I do not think simply installing a package without prior > jrodman> configuration should result in an error. > > Agreed. > > I am not able to reproduce this :-( > > Setting up heimdal-kdc (0.7.2.dfsg.1-9) ... > kstash: writing key to `/var/lib/heimdal-kdc/m-key' > Realm max ticket life [unlimited]:Realm max renewable ticket life [unlimited]: > > This is on a newly created chroot, with no prior configuration and no > Kerberos information in DNS either. > > What do you get if you run "hostname -d"? > > Can you reproduce the problem?
Not sure at the moment. I may retry at some point, although I'm a bit unclear how I will be able to easily set up the conditions. My hunch is that the problem is that my debconf priority level was "high", thus skipping the realm questions, thus leaving the realm undefined, causing kstash to fail. I think to get a reasonable chance at reproducing it I will need to set up a new chroot and this takes some time over my slow netlink. Currently, `hostname -d' appears to produce nothing: [EMAIL PROTECTED]:~> hostname -d [EMAIL PROTECTED]:~> However, I cannot at all swear that it did not return 'ducker.org' when I was performing this install. Certainly a subsequent dpkg-reconfigure filled in the default realm field with DUCKER.ORG, so I suspect it did return such at that time. DIGRESSION (to explain difficulty in recreating exact scenario): The whole kerberos experiment brought about much gnashing of teeth and poking at things with a stick regarding naming, where some services seemed to want calufrax.ducker.org, while others (nfs4) insisted that they wanted 'calufrax' sans ducker.org. And this was not only plain vanilla forward name lookups, there was some kind of insane incestuous behavior going on with reversing the IP and mapping the name back to the service and refusing it because the domain name was present. The point is just that things are somewhat scrambled after installing heimdal, realizing heimdal servers would conflict with my vsftp, trying a mix of heimdal daemons and mit implementation servers, which produced some sort of "bad encryption" useless error (what was sent, why don't you like it?), leading to eventual MIT-only install, followed by NFS4 insane errors, and tweaking everything at every step to satisfy the strange errors that would pop up. (My eventual impression is that heimdal is actually much more helpful in terms of errors than MIT, and that one should really read a large text on kerberos before trying to set it up.) I hope, therefore, that this bug is not terribly dependent upon my initial config state which is almost certainly long lost. I will try to set aside time to create a chroot with a debconf "high" or highest (i forget the name) next week. -josh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]