Kerberos 服務啟動時出現錯誤：無法在 Ubuntu 18 上打開 DB2 數據庫

我在 Ubuntu 18 上安裝了 kerberossudo apt install krb5-kdc krb5-admin-server

但是，當我跑systemctl status krb5-kdc.service的時候，結果是：

Feb 17 21:25:23 device2 krb5kdc[8675]: Cannot open DB2 database '/var/lib/krb5kdc/principal': No such file or directory - while initializing database for realm DENNIS.COM
Feb 17 21:25:23 device2 krb5kdc[8675]: krb5kdc: cannot initialize realm DENNIS.COM - see log file for details
Feb 17 21:25:23 device2 systemd[1]: krb5-kdc.service: Control process exited, code=exited status=1
Feb 17 21:25:23 device2 systemd[1]: krb5-kdc.service: Failed with result 'exit-code'.
Feb 17 21:25:23 device2 systemd[1]: Failed to start Kerberos 5 Key Distribution Center.

我已經設置了領域kdb5_util create -r DENNIS.COM -s

[realms]
   DENNIS.COM = { 
       kdc = device2
       admin_server = device2
   }   

聖莫利。也許我只是需要休息一下。

在我跑之後（就像你一樣）

sudo kdb5_util create -s -r MYCOOLNAME.COM

然後我執行了這個：

sudo systemctl restart krb5-kdc.service

然後我跑了這個（下）（也許你不需要 sudo 這個）

sudo systemctl status krb5-kdc.service

並且（而不是我之前得到的錯誤渦流）……我得到了以下結果（成功!!!）：

$ systemctl status krb5-kdc.service


● krb5-kdc.service - Kerberos 5 Key Distribution Center
  Loaded: loaded (/lib/systemd/system/krb5-kdc.service; enabled; vendor preset: enabled)
  Active: active (running) since Tue 2020-02-25 03:16:25 EST; 4min 45s ago
 Process: 5749 ExecStart=/usr/sbin/krb5kdc -P /var/run/krb5-kdc.pid $DAEMON_ARGS (code=exited, status=
Main PID: 5763 (krb5kdc)
   Tasks: 1 (limit: 4915)
  CGroup: /system.slice/krb5-kdc.service
          └─5763 /usr/sbin/krb5kdc -P /var/run/krb5-kdc.pid

Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting pktinfo on socket 0.0.0.0.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting up UDP socket for address ::.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: setsockopt(12,IPV6_V6ONLY,1) worked
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting pktinfo on socket ::.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting up TCP socket for address 0.0.0.0.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: Setting up TCP socket for address ::.88
Feb 25 03:16:25 myloginname krb5kdc[5749]: setsockopt(14,IPV6_V6ONLY,1) worked
Feb 25 03:16:25 myloginname krb5kdc[5749]: set up 6 sockets
Feb 25 03:16:25 myloginname krb5kdc[5763]: commencing operation
Feb 25 03:16:25 myloginname systemd[1]: Started Kerberos 5 Key Distribution Center.
lines 1-19/19 (END)

我流淚了一些。

以下是我的完整清單……

(PURGE (and start over..sigh...again) (below) )


sudo rm -rf /etc/krb5conf
sudo rm -rf /var/lib/krb5kdc
sudo rm -rf /etc/krb5.conf
sudo apt purge -y krb5-kdc krb5-admin-server krb5-config krb5-locales krb5-user krb5.conf


("purge" commands above from .. from https://github.com/shafiquejamal/kafka-zookeeper-kerberos/blob/master/README-Kerberos.md )

(REINSTALL) (below)

sudo apt install krb5-kdc krb5-admin-server krb5-config krb5-locales krb5-user krb5.conf


sudo kdb5_util create -s -r MYCOOLNAME.COM


(and finally...to resolve the "Cannot open DB2 database '/var/lib/krb5kdc/principal'" issue) (below)

sudo systemctl status krb5-kdc.service

sudo systemctl restart krb5-kdc.service

其他有用的連結：

https://medium.com/@vikramaroskar/getting-started-with-65711be52918

無法在 Ubuntu 14.04 上設置 Kerberos - krb5kdc：沒有這樣的文件或目錄 - 在為領域 myrealm 初始化數據庫時

引用自：https://serverfault.com/questions/1003388