"Adam Chlipala" <[EMAIL PROTECTED]> writes: > I think before it was owned by the plain "domtool" user.
No such user exists in pts, but I will create one. > It's been a while since I set this up, so it's probably better if I just > describe what I'm trying to accomplish, rather than request particular > low-level changes. The script in /etc/init.d/domtool-server (based on > kinit) used to work, but now doesn't because (I think) it doesn't have > permission to read domtool's keytab at the point where it wants to do so. Okay, the script expects there to be a user named "domtool". I've created a user with this name and chown'ed the file to him. Domtool now starts, but complains about unspecified permission badness. I think we need to "chmod -R domtool:domtool /etc/domtool", but I'll leave that to somebody who understands the consequences better than I do (right now the ownership of files in that directory is pretty random). > Let me know if you change the init script, because I like to keep > all versions in CVS, too. Yes, it was changed slightly. I added the flag "-U" to make it autodetect the kerberos principal (doesn't need to be hardwired in the init script). I also moved the old keytab to /etc/keytabs/domtool.keytab.old and extracted a fresh one from kadmin. - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
