Red Hat Bugzilla – Full Text Bug Listing
|Summary:||rpcsvcgss depends on /usr/lib/libgssapi_krb5.so (krb5-devel)?|
|Product:||[Fedora] Fedora||Reporter:||Charles Lopes <tjarls>|
|Component:||nfs-utils||Assignee:||Steve Dickson <steved>|
|Status:||CLOSED RAWHIDE||QA Contact:||Ben Levenson <benl>|
|Version:||4||CC:||jukka.lehtonen, k.georgiou, mail, notting|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2006-07-24 23:56:37 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Bug Depends On:|
Description Charles Lopes 2005-03-16 07:57:23 EST
Description of problem: rpc.svcgss tries to load /usr/lib/libgssapi_krb5.so which is part of krb5-devel. Should this link be part of krb5-libs or should rpc.svcgss load /usr/lib/libgssapi_krb5.so.3 instead. Version-Release number of selected component (if applicable): nfs-utils-1.0.6-52 How reproducible: always Steps to Reproduce: 1. SECURE_NFS=yes in /etc/sysconfig/nfs 2. no krb5-devel 3. rpc.svcgss -f -v Actual results: can't open /usr/lib/libgssapi_krb5.so: /usr/lib/libgssapi_krb5.so: cannot open shared object file: No such file or directory gss_initialize fatal error: no mechanisms loaded! Expected results: WARNING: unable to locate function krb5_gss_internal_release_oid in krb5 mechanism library: there will be problems if multiple mechanisms are used! entering poll
Comment 1 Charles Lopes 2005-05-19 12:49:25 EDT
This is still hapening in FC3test3
Comment 2 Charles Lopes 2005-05-19 12:50:31 EDT
I meant "this is still happening in FC4test3"
Comment 5 Steve Dickson 2005-05-23 13:38:40 EDT
Well actually /usr/lib/libgssapi_krb5.so part of the krb5-libs rpms which should be installed by default... could you please check to see if krb5-libs is installed. If not please do a 'yum install krb5-libs'
Comment 6 Bill Nottingham 2005-05-23 13:58:08 EDT
$ rpm -qf /usr/lib/libgssapi_krb5.so krb5-devel-1.4-3 It shows up as part of -devel.
Comment 7 Steve Dickson 2005-05-24 08:47:02 EDT
Ok so the symbolic link shows up in -devel but the acutal library show up in -libs $ rpm -qf /usr/lib/libgssapi_krb5.so.2.2 krb5-libs-1.3.6-5
Comment 8 Charles Lopes 2005-05-24 09:21:51 EDT
Note that it was linked with "libgssapi_krb5.so.2" and yet it tries to load "libgssapi_krb5.so". Maybe it's being dlopen'ed, that would explained why the dependency was missed by rpmbuild. # ldd /usr/sbin/rpc.svcgssd .. libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00c35000) ..
Comment 9 Steve Dickson 2005-05-24 10:43:16 EDT
Since this is an FC4 bug, try upgrading to nfs-utils-1.0.7-6. I removed the krb5-devel rpm on my FC4 machine and rpc.svcgssd continue to work.
Comment 10 Charles Lopes 2005-05-25 05:35:33 EDT
Still the same. Maybe you need to be part of a kerberos realm to trigger this problem. I looked deeper into it and found out that "libgssapi_krb5.so" is defined in the default /etc/gssapi_mech.conf. Editing the file fixes the problem. The problem affects FC3 as well. If you decide to fix it, will a FC3 errata be available too?
Comment 11 Nalin Dahyabhai 2005-06-23 15:12:20 EDT
If the initializer function is listed as "mechglue_internal_krb5_init", then the gssapi code in nfs-utils 1.0.7 actually ignores the shared library name, which is why it works. In case we want to fix the cosmetic problem, I'm attaching a somewhat hackish change to the .spec file which should work.
Comment 12 Nalin Dahyabhai 2005-06-23 15:13:18 EDT
Created attachment 115892 [details] change to spec file to compile a gssapi application against the krb5 gssapi libraries, and read the dependency from the result
Comment 13 Kostas Georgiou 2005-06-29 04:08:23 EDT
Note that under x86_64 rpc.svcgssd doesn't work even with the devel rpm installed since /etc/gssapi_mech.conf has a 32bit lib. RHEL4 has the same problem btw :)
Comment 14 Jukka Lehtonen 2005-07-15 02:50:27 EDT
Explicit dlopen. Seeing that the file '/etc/gssapi_mech.conf' has a line: # The MIT K5 gssapi library, use special function for initialization. /usr/lib/libgssapi_krb5.so mechglue_internal_krb5_init # Unfortunately, this is same both nfs-util.i386-RHEL4 and nfs-util.x86_64-RHEL4 A change to: /usr/lib64/libgssapi_krb5.so.2 mechglue_internal_krb5_init would solve the problem for x86_64 without krb5-devel present. Thus, the /etc/gssapi_mech.conf should match the installed gss-library, which may not always be the krb5-libs in the future. Manual configuration is probably required. However, the x86_64 version should default to the krb5-libs.x86_64 rather than to the *.i386.
Comment 17 Joachim Selke 2006-04-05 15:21:58 EDT
This bug seems to be fixed in Fedora Core 5.