Pkcs 11 Library Call Error In Solaris 10 Update 11 In A Non-global Zone
(Doc ID 1546486.1)
Last updated on OCTOBER 13, 2019
Applies to:
Solaris Operating System - Version 10 1/13 U11 and laterInformation in this document applies to any platform.
Symptoms
Customer just installed solaris 10 update 11 sparc on a T5120. On Global zone kerberos works but if he creates a non-global zone (sparse or whole root) and repeat the steps to get a kerberos TGT(Ticket Granting Service), although he was prompted for his password. this is the error he was seeing:
% /bin/kinit
Password for test1@ABC.COM: <my password here>
kinit(v5): Error in the PKCS 11 library calls while getting initial credentials
this behavior is NOT reproducible under solaris 10 update 11 on the x86 architecture.
steps to reproduce:
Install solaris 10 update 11 sparc, do not install patches,create local account with username that matches user in your KDC
create /etc/krb5/krb5.conf to talk to your local KDC
test /bin/kinit
create non-global zone (both sparse and whole root should exhibit same behavior)
create same local account and krb5.conf as in the global zone
test /bin/kinit in non-global zone
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |