Option no-addresses spelled wrong in "man krb.conf" (/usr/share/man/man5/krb5.conf.5.gz)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
krb5 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: krb5-doc
"man krb.conf" documents an option "noaddresses" that causes Kerberos tickets to be addressless, which is needed to use Kerberos behind an NAT gateway. This option doesn't work, but using "no-addresses" (note the hyphen in the name) works fine:
Case 1: noaddresses
/etc/krb5.conf:
[libdefaults]
noaddresses = true
[...]
sascha.
<email address hidden>'s Password:
afslog: krb5_afslog(
sascha.
Case 2: no-addresses
/etc/krb5.conf:
[libdefaults]
[...]
sascha.
<email address hidden>'s Password:
sascha.
Changed in krb5: | |
status: | Unconfirmed → Confirmed |
The man-page states a wrong default value, BTW. As demonstrated above, it's "false" and needs to be explicitly changed to "true".
From "man 5 krb.conf":
noaddresses
Setting this flag causes the initial Kerberos ticket to be addressless. The default for the flag is true.