Kerberos service started with Error: Cannot open DB2 database on Ubuntu 18

Question

I installed kerberos on Ubuntu 18 with sudo apt install krb5-kdc krb5-admin-server

But, When I ran systemctl status krb5-kdc.service, it turns out:

Feb 17 21:25:23 device2 krb5kdc[8675]: Cannot open DB2 database '/var/lib/krb5kdc/principal': No such file or directory - while initializing database for realm DENNIS.COM
Feb 17 21:25:23 device2 krb5kdc[8675]: krb5kdc: cannot initialize realm DENNIS.COM - see log file for details
Feb 17 21:25:23 device2 systemd[1]: krb5-kdc.service: Control process exited, code=exited status=1
Feb 17 21:25:23 device2 systemd[1]: krb5-kdc.service: Failed with result 'exit-code'.
Feb 17 21:25:23 device2 systemd[1]: Failed to start Kerberos 5 Key Distribution Center.

I have set the realm with kdb5_util create -r DENNIS.COM -s

[realms]
    DENNIS.COM = { 
        kdc = device2
        admin_server = device2
    }   

Answer 1

Holy Moly. Maybe I just needed some rest.

After I ran (like you did)

sudo kdb5_util create -s -r MYCOOLNAME.COM

I then ran this:

sudo systemctl restart krb5-kdc.service

Then I ran this (below) (maybe you don't need sudo on this one)

sudo systemctl status krb5-kdc.service

And ( INSTEAD OF THE ERROR VORTEX I was getting before ) .... I instead got the below ( success !!!):

$ systemctl status krb5-kdc.service


● krb5-kdc.service - Kerberos 5 Key Distribution Center
   Loaded: loaded (/lib/systemd/system/krb5-kdc.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2020-02-25 03:16:25 EST; 4min 45s ago
  Process: 5749 ExecStart=/usr/sbin/krb5kdc -P /var/run/krb5-kdc.pid $DAEMON_ARGS (code=exited, status=
 Main PID: 5763 (krb5kdc)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/krb5-kdc.service
           └─5763 /usr/sbin/krb5kdc -P /var/run/krb5-kdc.pid

Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting pktinfo on socket 0.0.0.0.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting up UDP socket for address ::.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: setsockopt(12,IPV6_V6ONLY,1) worked
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting pktinfo on socket ::.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting up TCP socket for address 0.0.0.0.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting up TCP socket for address ::.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: setsockopt(14,IPV6_V6ONLY,1) worked
Feb 25 03:16:25 myloginname krb5kdc[5749]: set up 6 sockets
Feb 25 03:16:25 myloginname krb5kdc[5763]: commencing operation
Feb 25 03:16:25 myloginname systemd[1]: Started Kerberos 5 Key Distribution Center.
lines 1-19/19 (END)

And I teared up some.

Below is my complete list.....

(PURGE (and start over..sigh...again) (below) )


sudo rm -rf /etc/krb5conf
sudo rm -rf /var/lib/krb5kdc
sudo rm -rf /etc/krb5.conf
sudo apt purge -y krb5-kdc krb5-admin-server krb5-config krb5-locales krb5-user krb5.conf


("purge" commands above from .. from https://github.com/shafiquejamal/kafka-zookeeper-kerberos/blob/master/README-Kerberos.md )

(REINSTALL) (below)

sudo apt install krb5-kdc krb5-admin-server krb5-config krb5-locales krb5-user krb5.conf


sudo kdb5_util create -s -r MYCOOLNAME.COM


(and finally...to resolve the "Cannot open DB2 database '/var/lib/krb5kdc/principal'" issue) (below)

sudo systemctl status krb5-kdc.service

sudo systemctl restart krb5-kdc.service

Other helpful links:

https://medium.com/@vikramaroskar/getting-started-with-65711be52918

Unable to setup Kerberos on Ubuntu 14.04 - krb5kdc: No such file or directory - while initializing database for realm myrealm