heimdal_debug(5) BSD File Formats Manual heimdal_debug(5)NAME
heimdal_debug -- how to turn on/off debugging for Kerberos tools
DESCRIPTION
The heimdal_debug kerberos frameworks have several knobs for controlling logging. The different framework knobs are:
libkrb
The Kerberos library, some gss-api Kerberos output ends up here too
kcm the kcm library (credentials cache, ntlm client)
kdc the kerberos KDC output
digest-service
the digest service (ntlm server)
CONFIGURATION FILE
[logging]
<subsystem> = 0-/SYSLOG:
and watch syslog for logging information.
APPLE MAC OS X
First turn up syslog debugging
sudo syslog -c 0 -d
then you can see the syslog output in Console.app or by running
syslog -w -k org.h5l.asl
To enable more extensive debugging logging for each subsystem, use the following commands:
Kerberos Library
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add krb5 '0-/OSLOG:normal:'
digest-server
sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add digest-service '0-/OSLOG:normal:'
kcm sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kcm '0-/OSLOG:normal:'
kdc sudo defaults write /Library/Preferences/com.apple.Kerberos logging -dict-add kdc '0-/OSLOG:normal:'
MIT Kerberos Shim
defaults write com.apple.MITKerberosShim EnableDebugging -bool true
GSS-API framework logging
sudo defaults write /Library/Preferences/com.apple.GSS DebugLevel -int 10
Other options on Mac OS X
Make the admin API pretend to the server even on client
sudo defaults write /Library/Preferences/com.apple.Kerberos ForceHeimODServerMode -bool true
SEE ALSO gss(5), kerberos(8)HEIMDAL Sep 30, 2011 HEIMDAL
Check Out this Related Man Page
gss(5) BSD File Formats Manual gss(5)NAME
gss -- how to configure gss framework
DESCRIPTION
The gss GSS.frameworks have several configuration domains, all can configured with defaults(1).
Configuration can be stored both in the user's configuration ( ~/Library/Preferences) and system ( /Library/Preferences ).
CONFIGURATION OPTIONS
Use gsstool(1) to list the supported options and their settings:
gsstool supported-mech --options
Common options are:
NTLM 'Force NTLMv1'
Force client to use NTLMv1
NTLM NTLMv1
Enable support for NTLMv1 in both client and server
NTLM NTLMv2
Enable support for NTLMv2 in both client and server
NTLM 'NTLM session key'
Require backends to support for NTLMv2 session key, Lion and earlier dont support this. Session keys is required for NTLM MIC that
stops reflection attacks.
NTLM 'AllowedHosts'
What hosts that NTLM is allowed to be used for. When there a host that is not on the list, NTLM will not be used. File globbing is
used when matching and it's case insensitive. When there is no configuration, all hosts are allowed.
defaults write com.apple.GSS.NTLM AllowedHosts -array host.local '*.my.domain'
NTLM options
If you want to disable NTLM support completely in both the acceptor (server) and initiator (client), you need disable both NTLMv1 and NTLMv2,
and set their values to boolean false or 0.
defaults write com.apple.GSS.NTLM NTLMv1 -bool false
defaults write com.apple.GSS.NTLM NTLMv2 -bool false
APPLE MAC OS X
You can use the defaults write command to change the options, for simple boolean options, use this:
defaults write com.apple.GSS.NTLM NTLMv1 -bool false
You can also turn on debugging (output in syslog) using:
defaults write com.apple.GSS DebugLevel -int 10
open -a Console
SEE ALSO defaults(1), gss_mo(3), heimdal_debug(1)HEIMDAL Sep 1, 2010 HEIMDAL
I am having a problem reading the exit status of a command or script within a sudo.
return_code=99
sudo su - $User << EOF >> $output_file
$Script
return_code=$?
exit $return_code
EOF
echo "return_code=$return_code"
returns
"return_code=99"
the $script above is a test... (7 Replies)
Hi...
i need a script to remove the space before and after the operator like( +, -, ||, &&).
Ex :
Input file
apple + manago
mango && fresh + apple fresh || fruit
Desired output:
apple+manago
mango&&fresh+apple fresh||fruit (6 Replies)
I am looking for an alternative for sudo in linux, where i need not type the password.
OR is there any other version of 'growisofs', which can be executed under sudo??? As currently 'growisofs' refuses to start under sudo...
Thanks in advance (12 Replies)
Have a sudo statement inside of a here document. It prompts me for a password, but doesnt wait for me to enter my password. Is there a way I can use the command without sudo or anyway that I can enter the password correctly?
Eg :
while read remotehost
do
ssh -t $2@$remotehost <<REMOTE... (13 Replies)
Need to search a pattern occurrence (count) in a specified file.
Below is the details
$ cat fruits
apple apple
ball ball
apple
ball ball ball
apple apple apple
cat cat
cat cat cat
apple
apple
Note: If I'll use the grep command with -c option then it'll count the 1st occurrence in... (6 Replies)
Hi admins,
I have installed sudo in aix 5.3 and configured sudoers file.Every command is working fine with sudo except cd .
If i give sudo cd /etc/security it returns nothing.There is no pwd change and no any error messages.
sudo -l command returns all executables including cd.
sudo ls... (8 Replies)
Hello,
I have successfully configured a syslog server on Centos 5.7, I have to add few clients which are CISCO switches - can someone suggest how should I configure on SYSLOG server, so the each client's log messages should go to different location on syslog server not a default location... (9 Replies)
Hello All,
I'm using my Ubuntu 10.04 client connected via SSH to a SuSE Linux server (SuSE Linux Enterprise Server 11 (x86_64) version 11 patchlevel=1).
I'm trying to run an install of WebSphere Portal but can't seem to be able to run the GUI installer.
Running xclock as root returns this... (7 Replies)
Hi All,
I running a unix command using sudo option inside shell script. Its working well. But in crontab the same command is not working and its throwing
"sudo: sorry, you must have a tty to run sudo". I do not have root permission to add or change settings for my userid. I can not even ask... (9 Replies)
Hello!
Do anyone have idea how to block switching to root if user have full sudo?
One way is in sudoers file block use of "su", but still it`s possible with sudo -i or sudo -s , sudo bash etc.
Other way is create alias on sudoers and permit only specific commands for user.
Any ideas? (6 Replies)
Hello!
I have this weird issue that started lately.
I'm login as normal user lets call it "guy" and I type the command:sudo cat /etc/passwd
what happens next is this reply in the command line:
I'm not getting any prompt to enter password. (I don't have the "nopasswd" see the attachment image... (25 Replies)
Hi,
Let's say I have a control file like this:
RHEL apple "echo apple"
RHEL bravo "ls -l bravo*"
RHEL church "chmod church.txt"
SUSE drive "chown user1 drive.txt"
SUSE eagle "echo "eagle flies""
SUSE feather "ls -l feather*"
HP-UX google "sed 's/^Google.*$/&\
ACTION: go to... (14 Replies)
Hello,
I tried installing sudo on a lab AIX server. It has been successfully installed. but i still see the below errors.
/>sudo -V
Sudo version 1.8.27
Configure options: --prefix=/opt/freeware --sbindir=/opt/freeware/sbin --libdir=/opt/freeware/lib --mandir=/opt/freeware/man... (8 Replies)