Re: Kerberos acl permission
On Thu, Dec 01, 2005 at 02:00:49PM -0800, Curtis Vaughan wrote:
> Trying to set up keberos5 on a Debian Sarge server. As a note I am going
> by the instructions provided by a Linux Journal article, which may be
> found at: http://www.linuxjournal.com/article/7336
>
> Regardless, setting it up has been otherwise easy. But now I'm at the
> part where I want to add other users. At one point in the set up,
> however, the instructions said that you need to enable the administrator
> to have all permissions (privileges), which is done by editing a
> kadm5.acl file. But there is no such file. Because there is no such
> permission file, apparently, I can't add users as the administrator. So,
> I tried creating a kadm5.acl file (under /var/lib/krb5kdc/) but it that
> didn't seem to help.
You could try /etc/krb5kdc/kadm5.acl instead -- at least that's what
is set up in kdc.conf.template (ends up as /etc/krb5kdc/kdc.conf after
postinst has run) as default:
...
acl_file = /etc/krb5kdc/kadm5.acl
...
(not sure though, if the linuxjournal article suggested a different
directory layout..., so YMMV)
Cheers,
Almut
Reply to: