[Bug 1332988] Re: kdb5_util create and krb5_newrealm fail due to existing /var/lib/krb5kdc/principal/wrong error message
Karl-Philipp Richter
krichter722 at aol.de
Sun Jun 22 16:58:51 UTC 2014
** Description changed:
The invokation of both
LANG=C kdb5_util -r example.com create # with 'example.com' != `hostname`
# and
LANG=C krb5_newrealm
fail with `kdb5_util: File exists while creating database
'/etc/krb5kdc/principal'` (both with complex password `KPZp*4=pzx^ZGnI-
dacjWaOO2` and simple password `a`. Output before is
This script should be run on the master KDC/admin server to initialize
a Kerberos realm. It will ask you to type in a master key password.
This password will be used to generate a key that is stored in
/etc/krb5kdc/stash. You should try to remember this password, but it
is much more important that it be a strong password than that it be
remembered. However, if you lose the password and /etc/krb5kdc/stash,
you cannot decrypt your Kerberos database.
Loading random data
Initializing database '/var/lib/krb5kdc/principal' for realm 'richter-local.de',
master key name 'K/M at richter-local.de'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:
Fixing the issue by invoking
kdb5_util -r example.com -m destroy -f
before repeating commands above isn't possible due to error `kdb5_util:
No such entry in the database while retrieving master entry`, `mv
/var/lib/krb5kdc/principal /var/lib/krb5kdc/principal.bk1` doesn't help.
After reading the man pages for `kdb5_util` and `krb5_newrealm` it is
unclear what is acutally missing and/or errornous. At least I don't see
a reason for such a low quality error message.
== Ubuntu related ==
The state should be reset by invoking `apt-get purge krb5-kdc krb5-admin-server` which isn't the case.
+
+ == Further notes ==
+ If the error message is fixed,
+
+ It is important that you NOT FORGET this password.
+
+ could be changed to
+
+ It is important that you DO NOT FORGET this password.
+
+ as well.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1332988
Title:
kdb5_util create and krb5_newrealm fail due to existing
/var/lib/krb5kdc/principal/wrong error message
Status in “krb5” package in Ubuntu:
New
Bug description:
The invokation of both
LANG=C kdb5_util -r example.com create # with 'example.com' != `hostname`
# and
LANG=C krb5_newrealm
fail with `kdb5_util: File exists while creating database
'/etc/krb5kdc/principal'` (both with complex password `KPZp*4=pzx
^ZGnI-dacjWaOO2` and simple password `a`. Output before is
This script should be run on the master KDC/admin server to initialize
a Kerberos realm. It will ask you to type in a master key password.
This password will be used to generate a key that is stored in
/etc/krb5kdc/stash. You should try to remember this password, but it
is much more important that it be a strong password than that it be
remembered. However, if you lose the password and /etc/krb5kdc/stash,
you cannot decrypt your Kerberos database.
Loading random data
Initializing database '/var/lib/krb5kdc/principal' for realm 'richter-local.de',
master key name 'K/M at richter-local.de'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:
Fixing the issue by invoking
kdb5_util -r example.com -m destroy -f
before repeating commands above isn't possible due to error
`kdb5_util: No such entry in the database while retrieving master
entry`, `mv /var/lib/krb5kdc/principal /var/lib/krb5kdc/principal.bk1`
doesn't help.
After reading the man pages for `kdb5_util` and `krb5_newrealm` it is
unclear what is acutally missing and/or errornous. At least I don't
see a reason for such a low quality error message.
== Ubuntu related ==
The state should be reset by invoking `apt-get purge krb5-kdc krb5-admin-server` which isn't the case.
== Further notes ==
If the error message is fixed,
It is important that you NOT FORGET this password.
could be changed to
It is important that you DO NOT FORGET this password.
as well.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1332988/+subscriptions
More information about the foundations-bugs
mailing list