diff options
Diffstat (limited to 'README')
| -rw-r--r-- | README | 62 |
1 files changed, 49 insertions, 13 deletions
@@ -3,9 +3,9 @@ Written by Russ Allbery <rra@stanford.edu> - Copyright 2006, 2007 Board of Trustees, Leland Stanford Jr. University. - This software is distributed under a BSD-style license. Please see the - file LICENSE in the distribution for more information. + Copyright 2006, 2007, 2008 Board of Trustees, Leland Stanford Jr. + University. This software is distributed under a BSD-style license. + Please see the file LICENSE in the distribution for more information. This software is beta-quality and should be treated with caution. It is currently being tested for production deployment at Stanford. @@ -71,11 +71,6 @@ REQUIREMENTS The wallet client currently requires MIT Kerberos and will need some minor portability modifications to build with Heimdal. - The kasetkey program requires AFS libraries and MIT Kerberos and its - Kerberos v4 compatibility libraries. Currently, kasetkey is built - unconditionally. It will become optional and disabled by default in a - future release. - The wallet server is written in Perl and requires Perl 5.6.0 or later. It uses the Perl DBI layer to talk to a database, and therefore the DBI module and a DBD module for the database it will use must be installed. @@ -108,7 +103,9 @@ REQUIREMENTS server. To support synchronization with an AFS kaserver, the server must have - the Authen::Krb5 Perl module installed. + the Authen::Krb5 Perl module installed. AFS kaserver synchronization + support also requires building kasetkey, which requires AFS and Kerberos + v4 libraries. To run the test suite, you must have the Perl modules Test::More, IO::String, and DBI installed. You will also need a DBD module @@ -159,10 +156,49 @@ BUILD AND INSTALLATION If remctl was installed in a path not normally searched by your compiler, you must specify its installation prefix to configure with the - --with-remctl=DIR option. If the AFS library headers are not found by - your compiler, specify their location with --with-afs-headers=DIR; - similarly, if the AFS libraries are not found by your compiler, specify - their location with --with-afs-libs=DIR. + --with-remctl=DIR option. If the GSS-API libraries used by remctl + aren't in a path normally searched by your compiler, you must generally + also specify its installation prefix with the --with-gssapi=DIR option. + + Normally, configure will use krb5-config to determine the flags to use + to compile with your Kerberos libraries. If krb5-config isn't found, it + will look for the standard Kerberos libraries in locations already + searched by your compiler. If the the krb5-config script first in your + path is not the one corresponding to the Kerberos libraries you want to + use or if your Kerberos libraries and includes aren't in a location + searched by default by your compiler, you need to specify + --with-krb5=PATH: + + ./configure --with-krb5=/usr/pubsw + + To specify a particular krb5-config script to use, either set the + KRB5_CONFIG environment variable or pass it to configure like: + + ./configure KRB5_CONFIG=/path/to/krb5-config + + To build with AFS kaserver synchronization support, pass --with-afs to + configure. You may need to include the path to the AFS include files + and libraries, such as: + + ./configure --with-afs=/usr/afsws + + The AFS kaserver support also requires Kerberos v4 libraries and tries + to use krb5-config to find such libraries. If your Kerberos v4 + libraries aren't somewhere found by your compiler and the krb5-config + script doesn't produce correct results, you need to specify + --with-krb4=PATH giving the root path of the Kerberos v4 installation. + + You can pass the --enable-reduced-depends flag to configure to try to + minimize the shared library dependencies encoded in the binaries. This + omits from the link line all the libraries included solely because the + Kerberos libraries depend on them and instead links the programs only + against libraries whose APIs are called directly. This will only work + with shared Kerberos libraries and will only work on platforms where + shared libraries properly encode their own dependencies (such as Linux). + It is intended primarily for building packages for Linux distributions + to avoid encoding unnecessary shared library dependencies that make + shared library migrations more difficult. If none of the above made any + sense to you, don't bother with this flag. Currently, building in a different directory from the source directory is not supported due to the complexity of integration with the Perl |