3

I am experimenting with Kerberos and messed up the installation. I've tried editing the config files but have had no joy in resolving my problems which currently consist of not being able to initialise the realm and not being able to create an admin directory.

I've tried sudo apt-get purge krb5-kdc krb5-admin-server which removes the packages. But when I try to reinstall, it finds residual config files (that I can't find anywhere) on the system and I have the same errors. A reboot of the server doesn't resolve the issue either.

This is an experimental machine and I have no backups (maybe I should). How do I get back to a pre-kerberos state?

Ashley Bye
  • 131
  • 1
  • 1
  • 5

3 Answers3

4

Please follow the below setups to completely remove.

  • sudo apt purge -y krb5-kdc krb5-admin-server krb5-config krb5-locales krb5-user krb5.conf

  • sudo rm -rf /var/lib/krb5kdc

Rajas
  • 141
  • 2
3

Not sure about the locations in Ubuntu, but you should check /etc/krb5.conf which is the client library configuration and the most important part will be the KDC config, located usually in a directory called krb5kdc, either in /etc, /etc/kerberos, /var/kerberos, /var/lib/kerberos or something similar. Locate it with find or locate and delete everything in it.

Note: All of this assumes MIT Kerberos, not Heimdal.

Final remark: Experimenting with Kerberos works great with virtualization, which adds the benefit of snapshots that make it really easy to get back a few steps. Alternatively, put all of your relevant file systems in LVM volumes and reserve space for snapshots there as well. It's an excellent time saver when you can just go back to the last known good state.

Sven
  • 97,248
  • 13
  • 177
  • 225
  • I tried `sudo find / -iname 'krb*'` and removed everything. This included linux headers, so after reinstalling the linux headers packages I noticed several `krb5-*` packages were installed but missing files. Removal of these helped the situation, but when `sudo apt-get install krb5-kdc krb5-admin-server` it still found my incorrect realm settings. There is no further files found with a `find`. `dpkg --get-selections | grep krb*` only shows 4 packages (all lib*somethings); are these safe to remove? – Ashley Bye May 03 '14 at 11:41
  • Does Kerberos alter any of the ubuntu config files which could be causing it to find this realm info when the installation 'GUI' runs during package installation? – Ashley Bye May 03 '14 at 11:44
  • Yes, I'm using VMs but forgot to take a snapshot after setting up some other bits which took a good 24 hours to work out, so I'm loathe to go back to the clean install snapshot. – Ashley Bye May 03 '14 at 11:54
  • 2
    Do yourself a favor and just start over, on a fresh install. Just blindly deleting files, ending up with broken packages etc. isn't going to end well. – Sven May 03 '14 at 12:11
0

I encountered the same problem where doing "sudo apt-get purge krb5-kdc krb5-admin-server" didn't help. I found the following kerberos related packages hanging around:

root@vm4:~# dpkg --get-selections | grep -v deinstall | grep krb

krb5-config install

krb5-locales install

krb5-user install

libgssapi-krb5-2 install

libkrb5-26-heimdal install

libkrb5-3 install

libkrb5support0 install

I removed three packages as follows:

apt-get purge krb5-config krb5-locales krb5-user

This seems to do the trick for me. Now when I install kerberos packages, it gives me the options to set the realm etc.

prashant sharma
  • 1