Subject: Re: Defining MKKERBEROS=no breaks logins on current
To: Ralf Huvendiek <>
From: Greg Troxel <>
List: current-users
Date: 10/02/2005 17:39:41
Ralf Huvendiek <> writes:

> I've set MKKERBEROS=no and MKKERBEROS5=no in my mk.conf. After an update
> I noticed that I was unable to login. The culprit is It
> did not get installed, but it is required by some pam conf's.
> I had to delete this line in all of them:
> auth           optional   no_warn try_first_pass
> After this I was able to login again.
> On a side note: I noticed that pam relies on Which is built
> and installed. requires libkrb5 which is built and
> installed, too.
> Are those MKKERBEROS settings still valid?

It seems correct to not build this pam module if MKKERBEROS*=no.  So,
it seems that either the default pam configs should change in that
case, or more plausibly, pam should be taught to ignore missing/failed
shlibs unless they are marked required, or something like that.

        Greg Troxel <>