As shipped by RedHat, v. 1.2.5-6, the option to enable dns resolution of kdc and realm are not compiled in, despite that the argument '--enable-dns' is supplied to the configure script. This is probably a Kerberos bug, but it may be worked around by omitting the option '--with-netlib'; specifying '--with-netlib=...' causes the code in the 'configure' script that turns on the '-DKRB5_DNS_LOOKUP_KDC=1 -DKRB5_DNS_LOOKUP_REALM=1 -DKRB5_DNS_LOOKUP=1' compile flags (starting around line 1400) to be circumvented. The quick fix is simply to omit the line reading '--with-netlib=-lresolv \' in the krb5.spec file; at configure time, the script will find the resolv library by itself, and turn on DNS lookup support at the same time. If further information is needed, please ask, and I will supply it.
This has been a problem with RH 8, yet it is a simple fix, and is still present in RHEL 3? What's the deal ?
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2004-208.html