[Dovecot] auth_krb5_keytab ignored ?

Timo Sirainen tss at iki.fi
Mon Jun 11 15:16:16 EEST 2012


On Fri, 2012-06-08 at 18:59 +0200, Leon Meßner wrote:
> Hi list,
> 
> i noticed that when doing imap gssapi authentication with kerberos,
> dovecot (here 2.1.7) always searches /etc/krb5.keytab although i have
> auth_krb5_keytab = /etc/mail3.krb5.keytab in my etc/dovecot/dovecot.conf
> and doveconf -n also show this setting. If i combine the keytabs in
> krb5.keytab it works. Is there another location where i should put my
> configuration regarding gssapi/kerberos ?

Try if this works:

import_environment = TZ GDB DEBUG_SILENT KRB5_KTNAME 

Then start Dovecot with:

KRB5_KTNAME=/etc/mail3.krb5.keytab dovecot

I'm wondering if the code in mech-gssapi.c that sets KRB5_KTNAME
environment is being called too late.





More information about the dovecot mailing list