Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 470942 - www-apache/mod_auth_kerb-5.4-r1 cannot save Credentials when KrbSaveCredentials is set
Summary: www-apache/mod_auth_kerb-5.4-r1 cannot save Credentials when KrbSaveCredentia...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Library (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it
URL:
Whiteboard:
Keywords: NeedPatch
Depends on:
Blocks: 532790
  Show dependency tree
 
Reported: 2013-05-22 05:49 UTC by Azamat H. Hackimov
Modified: 2015-05-08 18:21 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Azamat H. Hackimov 2013-05-22 05:49:52 UTC 
When I enable in /etc/apache2/modules.d/11_mod_auth_kerb.conf option "KrbSaveCredentials on", apache cannot save credentials:

[Tue May 21 13:12:27 2013] [error] [client 10.128.1.124] mkstemp() failed: No such file or directory

After some digging code I realized that apache tries create temp-file in /var/run/httpd/krbcache which is not exist and not created by module nor ebuild.
In src/mod_auth_kerb.c there is code:

   ccname = apr_psprintf(r->pool, "FILE:%s/krb5cc_apache_XXXXXX", P_tmpdir);
   fd = mkstemp(ccname + strlen("FILE:"));
   if (fd < 0) {
      log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                 "mkstemp() failed: %s", ccname);
      ret = HTTP_INTERNAL_SERVER_ERROR;
      goto end;
   }
   close(fd);

P_tmpdir in stdio.h defined as /tmp, but somewhere this constant redefined to /var/run/httpd/krbcache
Comment 1 Pacho Ramos gentoo-dev 2015-05-08 18:21:23 UTC 
+*mod_auth_kerb-5.4-r2 (08 May 2015)
+
+  08 May 2015; Pacho Ramos <pacho@gentoo.org>
+  +files/mod_auth_kerb-5.4-handle-continue.patch,
+  +files/mod_auth_kerb-5.4-longuser.patch,
+  +files/mod_auth_kerb-5.4-s4u2proxy-r2.patch, +mod_auth_kerb-5.4-r2.ebuild:
+  Apply more Fedora patches with fixes, update s4u2proxy patch to support
+  heimdal (#454816 by Spooky Ghost), tmpfiles.d needed (#470942 by Azamat H.
+  Hackimov)
+