First of all, I'm glad to report that at first sight openafs-legacy seems to adequately work around this problem. Nevertheless... Part of the heimdal code (namely lib/kafs) seems to try different paths to find the afs-files (calling FHS-adoptian Debian-mode :) ). Sadly enough, lib/krb5/keytab_keyfile.c (function get_cell_and_realm), and kdc/hprop.c (line 825) seem not to want to go through this much trouble. I've checked this because hprop wouldn't work for me. Upon closer inspection, it does give you the option to specify the path to the database manually, but this way it seems like inconsistent and confusing behaviour to me (part of heimdal requiring to specify the path, some part not). I have not yet reproduced situations where keytab_keyfile.c got me in troubles, I derived that one only by looking at the code.
Maybe ask <lha@kth.se>, one of the heimdal developers? He is very very responsive.
Stefaan -- what's news on this?
Amazed by the detail in my initial report ;), I was quickly able to confirm that the current ebuild (app-crypt/heimdal-0.7.2-r3) still has the same issues in exactly the same files. The last message I got from Love Hörnquist Åstrand (Heimdal) on this was on 20050920. The last ping I sent him was on 20051115. In his last message, he was wondering about how to interpret the document describing FHS. He had said he was going to look into this and fix it, but when I got no response I proposed I could write a patch myself, but I never got any reply. We could write a patch for Gentoo, and send it upstream later?
yep, doesn't hurt to at least write the patch and submit :)
I just found a debian patch that fixes the first half. It seems to be included in the heimdal-1.1 distribution (under packages/debian/patches/022_openafs). I made a simple patch for the second issue which I will attach momentarily.
Created attachment 149538 [details, diff] Changes the default db location to the standard one
Well, I am willing to patch heimdal-1.3.3 and change default db location. But openafs already copies /usr/afs/db to /usr/lib/openafs afaik. Please confirm and reopen if you believe change in db location in heimdal is preferred and I will do so.