On Wednesday 02 April 2008 23:07:56 Bill Baird wrote:
> I'm having some trouble trying to setup smbk5pwd. I am currently running
> CentOS 5 with the latest updates. OpenLDAP is version
> openldap-2.3.27-8.el5_1.3, I have it installed via RPM.
>
> To try to compile, I downloaded & installed the source rpm. That included a
> tgz file of the openldap's source. I extracted it

You should rather use rpm to compile the software, rather than using *partial*
source (patches may also be shipped, though they shouldn't really have an
impact here), and possibly resulting in different configuration ...


> and went to the
> contrib/slapd-modules/smbk5pwd directory.
>
> I edited the Makefile and set "SSL_INC=/usr/include/openssl", everything
> else appeared okay. I also had to run a "./configure" to get libtool
> created.
>
> **I think this might be where I screwed up...running a generic ./configure.
> How do I get the settings that the RPM was configured with? **

Wrong list for this question really, but:

$ rpm -ivh openldap-2.3.27-8.el5_1.3.src.rpm
$ rpmbuild -bc `rpm --eval %_specdir`/openldap.spec

>
> >From there, I ran make and got this error:
>
> *../../../include/ldap_defaults.h:35:25: error: ldap_config.h: No such file
> or directory*
>
> There was a ldap_config.hin file in that same directory, I renamed it
> ldap_config.h and was able to run make successfully.
>
> Did the following:
>
> *mkdir /usr/lib/ldap
> cp smbk5pwd.la /usr/lib/ldap
> cd .libs
> cp -r smbk5pwd.so* /usr/lib/ldap*
>
> Added it to my slapd.conf file:
>
> *moduleload      /usr/lib/ldap/smbk5pwd.o
> overlay         smbk5pwd*
>
> When I try to restart openldap, I get a segfault. If I comment out the
> "overlay..." line, it will start and work fine. The startup log looks fine
> until the segfault line:
> *
> slapd startup: initiated.
> /bin/bash: line 1: 27591 Segmentation fault      /tmp/start-slapd.n27586*
>
> If anyone has any suggestions, that would great...thanks!

You could save yourself a whole lot of time and use:

http://staff.telkomsa.net/packages/rhel5/openldap/
(see the repo file in http://staff.telkomsa.net/packages/ )

which ships smbk5pwd (with only Samba support ... I may provide a separate
package with only a heimdal-enabled smbk5pwd).

Regards,
Buchan

An update, I modified the smbk5pwd Makefile to exclude K5 and things compile and work normally...so I now know the segfault is being caused by the Heimdal/Kerberos portion of the code.

Was: DEFS=-DDO_SAMBA -DDO_KRB5
Now: DEFS=-DDO_SAMBA

Heimdal is version 1.1 and installed in /usr/heimdal so I believe my include directory is correct (and it appears to compile okay). Any ideas why this isn't working correctly? Do I need to recompile heimdal with specific options?

LIBTOOL=libtool
OPT=-g -O2
CC=gcc

DEFS=-DDO_SAMBA -DDO_KRB5

HEIMDAL_INC=-I/usr/heimdal/include
SSL_INC=
LDAP_INC=-I../../../include -I../../../servers/slapd
INCS=$(LDAP_INC) $(HEIMDAL_INC) $(SSL_INC)

HEIMDAL_LIB=-L/usr/heimdal/lib -lkrb5 -lkadm5srv
SSL_LIB=-lcrypto
LDAP_LIB=-lldap_r -llber
LIBS=$(LDAP_LIB) $(HEIMDAL_LIB) $(SSL_LIB)


Thanks,

Bill