app-crypt/mit-krb5-1.18.2-r1 doesn't contain anymore krb5_rc_resolve_full, thus apache with mod_auth_kerb enabled fails to start:
apache2 | * apache2 has detected an error in your setup:
apache2 |apache2: Syntax error on line 166 of /etc/apache2/httpd.conf: Syntax error on line 2 of /etc/apache2/modules.d/11_mod_auth_kerb.conf: Cannot load modules/mod_auth_kerb.so into server: /usr/lib64/apache2/modules/mod_auth_kerb.so: undefned symbol: krb5_rc_resolve_full
apache2 | * ERROR: apache2 failed to start
Steps to Reproduce:
1. Build apache
2. Build mod_auth_kerb
3. Configure apache to use mod_auth_kerb
4. Start apache
mod_auth_kerb.so references krb5_rc_resolve_full, even though it is removed from libkrb5.so. Thus apache fails to start.
mod_auth_kerb.so doesn't use nonexistent API krb5_rc_resolve_full, Apache can load the mod_auth_kerb module, and can successfully start, and authenticates users through kerberos SSO.
It is somewhat related to this bug: https://bugs.gentoo.org/716736 (the method is removed in the same commit)
since this packages is on EAPI=5, and "epatch_user" is missing, was a bit harder to test patchs, but I found a working one here:
Applying this, the Kerberos authentication works again.
Confirmed... anyway, any official solution, PullRequest or something available?
Created attachment 660420 [details, diff]
Works for me.
RCACHE is mandatory these days so hardcode
(In reply to Barnabás Virágh from comment #2)
> since this packages is on EAPI=5, and "epatch_user" is missing, was a bit
> harder to test patchs, but I found a working one here:
> Applying this, the Kerberos authentication works again.
That was my first hack, attached a better one.
Works with 1.17 too
Created attachment 660423 [details, diff]
You should apply this one too
Created attachment 660426 [details]
mod_auth_kerb-5.4-r4 ebuild , EAPI=6
Our internal ebuild
Got one for mod_auth_gssapi too, not tested though