[krbdev.mit.edu #3237] Kerberos does not work inside Linux vservers
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Mon Jun 19 19:12:19 EDT 2006
I'm sorry about the delay in getting back to you -- I accidentally sent
my reply to the email address for filing the response with the bug
report but *not* sending a copy back to the original reporter of the
problem, and didn't notice for quite some time....
> > Here is the output :
>
> Thanks! That output looks good. Well, maybe... did you run it in
> the same vserver environment that the KDC would run in? I'm guessing
> that, in that case, we would only want to return one address. It
> sort of depends -- does the vserver environment hide the other
> addresses, or just not permit you access to them?
>
> If you run the 1.4.2 KDC in the vserver environment, does it bind to
> the correct addresses?
>
> > The first interfaces (--> family 17 <getnameinfo error -6:
> > ai_family not supported>)
> > Seams to be the loopback interface.
>
> According to my Linux system headers, it's the "packet family"
> address type, which I'm not at all familiar with.
>
> The loopback interface should be probed, the "loopback" flag found,
> and the address dropped from the list before it's printed. (Maybe I
> should've had you turn on the DEBUG flag when building, that might've
> produced a little more output. Though looking at the code, there's
> one major path where DEBUG doesn't add anything.)
>
> Ken
More information about the krb5-bugs
mailing list