[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Problems with afs-salts on Dunix
Hi!
I have built heimdal 0.3c on a Dunix Alpha, with support for V4 and AFS.
However, having this in my krb5.conf:
[libdefaults]
default_realm = PHYSTO.SE
[realms]
PHYSTO.SE = {
kdc = kdc.physto.se
admin_server = kerberos.physto.se
}
[domain_realm]
.physto.se = PHYSTO.SE
[kdc]
enable-kerberos4 = yes
v4-realm = PHYSTO.SE
enable-kaserver = yes
[kadmin]
default_keys = des:pw-salt: afs3-salt:physto.se
I get the following rather disturbing happenings:
# /usr/heimdal/sbin/kadmin
kadmin> add moa
Max ticket life [1 day]:
Max renewable life [1 week]:
Principal expiration time [never]:
Password expiration time [never]:
Attributes []:
moa@PHYSTO.SE's Password:
Verifying password - moa@PHYSTO.SE's Password:
kadmin> list moa
moa@PHYSTO.SE
kadmin> list -l moa
Principal: moa@PHYSTO.SE
Principal expires: never
Password expires: never
Last password change: never
Max ticket life: 1 day
Max renewable life: 1 week
Kvno: 1
Mkvno: 0
Policy: none
Last successful login: never
Last failed login: never
Failed login count: 0
Last modified: 2000-11-24 12:13:40 UTC
Modifier: admin@PHYSTO.SE
Attributes:
Segmentation fault (core dumped)
and this is what gdb says:
# gdb /usr/heimdal/sbin/kadmin core
GDB is free software and you are welcome to distribute copies of it
under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for
details.
GDB 4.16 (alpha-dec-osf3.2), Copyright 1996 Free Software Foundation,
Inc...
Core was generated by `kadmin'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/shlib/libdb.so...done.
Reading symbols from /usr/shlib/libc.so...done.
#0 append_string (state=0x11ffff560, arg=0x0, width=-1, prec=0,
flags=0)
at snprintf.c:226
226 while (*arg && prec--)
(gdb) where
#0 append_string (state=0x11ffff560, arg=0x0, width=-1, prec=0,
flags=0)
at snprintf.c:226
#1 0x120084d20 in xyzprintf (state=0x11ffff560, char_format=0x0, ap={
__base = 0x11ffff600 "\b", __offset = 32}) at snprintf.c:354
#2 0x120085450 in vasnprintf (ret=0x11ffffa98, max_sz=0,
format=0x1400036c8 "(%.*s)", args={__base = 0x11ffff600 "\b",
__offset = 16}) at snprintf.c:573
#3 0x120085398 in vasprintf (ret=0x11ffff560, format=0x0, args={__base
= 0x0,
__offset = -1}) at snprintf.c:548
#4 0x1200852c0 in asprintf (ret=0x11ffff560, format=0x0) at
snprintf.c:492
#5 0x120015ec8 in print_entry_long (princ=0x11ffffac0) at get.c:183
#6 0x12001604c in do_get_entry (principal=0x140016d70, data=0x0) at
get.c:213
#7 0x120019c00 in foreach_principal (exp=0x0,
func=0x120015fc0 <do_get_entry>, data=0x11ffffc38) at util.c:490
#8 0x1200162a0 in getit (name=0x1 <Address 0x1 out of bounds>,
terse_flag=1,
argc=1, argv=0x140016c90) at get.c:268
#9 0x120016388 in list_princs (argc=0, argv=0x0) at get.c:284
#10 0x1200257b0 in sl_command (cmds=0x11ffff560, argc=3,
argv=0x140016c80)
at sl.c:233
#11 0x120025a38 in sl_command_loop (cmds=0x140000518, prompt=0x0,
data=0x0)
at sl.c:299
#12 0x120025af0 in sl_loop (cmds=0x140000518, prompt=0x140003fe4
"kadmin> ")
at sl.c:315
#13 0x120017148 in main (argc=0, argv=0x11ffffd90) at kadmin.c:296
Any clues, anyone...?
Now, I could live with not making a long list in kadmin, but what is
more annoying is that when this user tries to log in (and I have
replaced the system login with /usr/heimdal/bin/login and modified the
SIA matrix a la krb5_matrix.conf) he doesn't get any credentials at all,
and the KDC dies:
# gdb /usr/heimdal/libexec/kdc core
GDB is free software and you are welcome to distribute copies of it
under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for
details.
GDB 4.16 (alpha-dec-osf3.2), Copyright 1996 Free Software Foundation,
Inc...
Core was generated by `kdc'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/shlib/libdb.so...done.
Reading symbols from /usr/shlib/libc.so...done.
#0 0x3ff80199014 in __mallopt ()
(gdb) where
#0 0x3ff80199014 in __mallopt ()
#1 0x3ff80199310 in __mallopt ()
#2 0x3ff800d4544 in free ()
#3 0x120051a1c in free_HostAddresses (data=0x14002ef20)
at asn1_HostAddresses.c:71
#4 0x120053428 in free_EncTicketPart (data=0x11ffff350)
at asn1_EncTicketPart.c:473
#5 0x120011808 in do_524 (t=0x11ffff9f8, reply=0x11ffffa90,
from=0x14001ca44 "IPv4:130.237.205.205", addr=0x14001ca28) at
524.c:236
#6 0x1200134e8 in process_request (
buf=0x14001d1e0
"a\201õ0\201ò \003\002\001\005¡\013\e\tPHYSTO.SE¢\0200\016 \003\002\001\001¡\a0\005\e\003afs£\201Ë0\201È \003\002\001\003¡\003\002\001\002¢\201»\004\201¸\001\b-£à^\220\2327:¨©Åý¹o\234ÀM%?2V\n\226¦ãÀx§«\eál²Í|½\rLõsØä©",
len=248, reply=0x11ffffa90, sendlength=0x11ffff9f8,
from=0x14001ca44 "IPv4:130.237.205.205", addr=0x14001ca28) at
connect.c:385
#7 0x1200136c0 in do_request (buf=0x120011808, len=248, sendlength=0,
d=0x14001ca00) at connect.c:425
#8 0x120013998 in handle_udp (d=0x14001ca00) at connect.c:476
#9 0x120014814 in loop () at connect.c:786
#10 0x12001cb30 in main (argc=1073818232, argv=0x140012a80) at main.c:98
The same thing happens if he tries to do /usr/heimdal/bin/kinit --afslog
So: ?????????
Cheers,
Torbjorn Moa