I tried setting KRB5_TRACE like this:
KRB5_TRACE=/tmp/krb5_tracefile.txt /usr/sbin/openvpn --writepid
/var/run/openvpn.server.pid --syslog ovpn-server --cd /etc/openvpn --config
/etc/openvpn/server.conf
and restarted openvpn. Yet I see no krb5_tracefile.txt in /tmp.
According to
http://k5wiki
Ralf Hildebrandt writes:
> I tried setting KRB5_TRACE like this:
> KRB5_TRACE=/tmp/krb5_tracefile.txt /usr/sbin/openvpn --writepid
> /var/run/openvpn.server.pid --syslog ovpn-server --cd /etc/openvpn --config
> /etc/openvpn/server.conf
> and restarted openvpn. Yet I see no krb5_tracefile.txt
* Russ Allbery :
> > "The KRB5_TRACE environment variable will not work for secure contexts,
> > such as those created by ksu or login systems."
>
> > Is PAM such a "secure context"?
>
> pam_krb5 initializes a secure context iff it's running as root. So
> unfortunately yes.
:(
> Soon, probabl
Ralf Hildebrandt writes:
> * Russ Allbery :
>> Soon, probably in the next release, it will gain a configuration option
>> that does the equivalent of KRB5_TRACE but works in secure contexts.
> Are there any command line tool I could use to find out why the new
> version is unwilling to talk to o
OK. This is a bit of a long-shot and I apologize if the descriptino is
insufficient.
There's a package krb5-gss-samples which includes a gss-client and
gss-server program.
you start gss-server like
KRB5_KTNAME=/etc/krb5.keytab gss-server service@hostname
where service is something like host and
5 matches
Mail list logo
