Subject: pkg/12540: security/kth-krb4 installation/configuration process cumbersome
To: None <gnats-bugs@gnats.netbsd.org>
From: T. M. Pederson <salvage@plethora.net>
List: netbsd-bugs
Date: 04/03/2001 22:09:09
>Number: 12540
>Category: pkg
>Synopsis: security/kth-krb4 installation/configuration process cumbersome
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: pkg-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Apr 03 20:10:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: T. M. Pederson
>Release: 1.5
>Organization:
Plethora . Net
>Environment:
System: NetBSD halo.plethora.net 1.5 NetBSD 1.5 (NEBULA) #5: Thu Jan 25 21:53:01 CST 2001 salvage@halo.plethora.net:/usr/src/sys/arch/sparc/compile/NEBULA sparc
>Description:
Final installation/setup of the kth-krb4 package depends on
adding/modifying services in /etc/services. The packages provides a
diff to patch the file, but this is specific to NetBSD-1.4.2, and
may be inadequate for an inexperienced admin trying to install the
package on a different version of the system.
>How-To-Repeat:
Install/configure kth-krb4 on a machine running NetBSD-1.5 or later.
>Fix:
Ideally, provide a script/utility to modify /etc/services. Short of
that, providing diffs for "significantly" different versions of
/etc/services may be sufficient. A sample diff for the /etc/services
included with NetBSD-1.5 is included (shar).
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# services-1.5.diff
#
echo x - services-1.5.diff
sed 's/^X//' >services-1.5.diff << 'END-of-services-1.5.diff'
X+++ /etc/services Sat Mar 31 12:47:37 2001
X@@ -52,8 +52,8 @@
X www 80/tcp http # WorldWideWeb HTTP
X www 80/udp # HyperText Transfer Protocol
X link 87/tcp ttylink
X-kerberos 88/tcp krb5 # Kerberos v5
X-kerberos 88/udp
X+#kerberos 88/tcp krb5 # Kerberos v5
X+#kerberos 88/udp
X supdup 95/tcp
X # 100 - reserved
X hostnames 101/tcp hostname # usually from sri-nic
X@@ -211,11 +211,11 @@
X kshell 544/tcp krcmd # Kerberos `rsh'
X ekshell 545/tcp # Encrypted kshell
X kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
X-kerberos-iv 750/udp kdc kerberos4 # Kerberos (server) udp
X-kerberos-iv 750/tcp kdc kerberos4 # Kerberos (server) tcp
X-kerberos-master 751/udp # Kerberos admin server udp
X-kerberos-master 751/tcp # Kerberos admin server tcp
X-hprop 754/tcp # Heimdal KDC database propagation
X+#kerberos-iv 750/udp kdc kerberos4 # Kerberos (server) udp
X+#kerberos-iv 750/tcp kdc kerberos4 # Kerberos (server) tcp
X+#kerberos-master 751/udp # Kerberos admin server udp
X+#kerberos-master 751/tcp # Kerberos admin server tcp
X+#hprop 754/tcp # Heimdal KDC database propagation
X krbupdate 760/tcp kreg # BSD Kerberos registration
X kpasswd 761/tcp kpwd # BSD Kerberos `passwd'
X kpop 1109/tcp # Kerberos POP server
X@@ -265,3 +265,21 @@
X codasrv 2432/udp # server port
X codasrv-se 2433/tcp # tcp side effects
X codasrv-se 2433/udp # udp sftp side effect
X+
X+#
X+# KTH Kerberos IV implementation
X+# Substitutes and/or adds alternate names with respect to Kerberos V
X+# services.
X+#
X+kerberos-sec 88/tcp krb5 # Kerberos secondary port TCP
X+kerberos-sec 88/udp # Kerberos secondary port UDP
X+kerberos-adm 749/udp # v5 kadmin
X+kerberos-iv 750/udp kdc kerberos kerberos4 # Kerberos (server) udp
X+kerberos-iv 750/tcp kdc kerberos kerberos4 # Kerberos (server) tcp
X+kerberos-master 751/udp kerberos_master # Kerberos admin server udp
X+kerberos-master 751/tcp kerberos_master # Kerberos admin server tcp
X+hprop 754/tcp krb_prop # Heimdal KDC database propagation
X+rkinit 2108/tcp # Kerberos remote kinit
X+kx 2111/tcp # X over kerberos
X+kip 2112/tcp # IP over kerberos
X+kauth 2120/tcp # Remote kauth
END-of-services-1.5.diff
exit
>Release-Note:
>Audit-Trail:
>Unformatted: