Double log messages under RH8

Mike Dopheide dopheide at
Tue Oct 14 22:24:41 EDT 2003

Problem solved, with slight concern.

Apparently, the kerberos daemons read both /etc/krb5.conf and 
/usr/local/krb5/etc/krb5.conf.  I always assumed one would take precedence 
over the other.  On our KDC, /etc/krb5.conf was a link to 
/usr/local/krb5/etc/krb5.conf.  After making /etc/krb5.conf a real file 
and removing /usr/local/krb5/etc/krb5.conf, we are now getting the 
correct logs (instead of doubled).

I'm not extremely familiar with the kerberos source tree yet, but it seems 
that profile_init (util/profile/prof_init.c) reads through every krb5.conf 
file in the DEFAULT_PROFILE_PATH (include/krb5/stock/osconf.h).  What 
bothers me is that seeing the same [logging] section twice caused kerberos 
to log twice instead of overriding the settings it read from the first 
file.  How can the default logging mechanism be set twice?  Why is this 
even possible?  What other problems could be caused by dual krb5.conf 


> A few months back we migrated our KDC over from HPUX to RedHat Linux 8.0.  
> Ever since the migration our krb5 daemons have been writing every message 
> to the log twice.
> We are using syslog for logging with this entry in krb5.conf:
> [logging]
>         default = SYSLOG:INFO:LOCAL6
> And this entry in syslog.conf:
>                                             /var/log/krb5.log
> I've only been able to find one reference for another person having a 
> similar problem from 6-7-2002, I've included that at the end of my 
> message.  Anyone have any ideas?
> Thanks,
> Mike
> -----------------------------------------------
> Mike Dopheide            dopheide at
> Research Programmer                217-244-0299
> National Center for Supercomputing Applications
> Previous post regarding same issue:
> From: Leonard J. Peirce (peirce at
> Subject: Double log entries for V5 1.2.4 on Solaris 8
> This is the only article in this thread
> View: Original Format
> Newsgroups: comp.protocols.kerberos
> Date: 2002-06-07 13:04:56 PST
> In our kdc and kadmin logs we're seeing exactly two copies of every 
> message
> that gets logged.  This has been happening for a while (I think back to 
> 1.2.2)
> and while it doesn't really hurt anything it is getting annoying.  Did we 
> do
> something wrong when we built/configured things?  This happens both with
> BTW, in case anyone is interested we did finally recover from the database
> corruption problem that I posted about back in March.  Many thanks to
> Ken Raeburn for his helpful advice and patience.
> --
> Leonard J. Peirce                    Email:  leonard.peirce at
> UNIX System Administrator
> Western Michigan University
> Office of Information Technology
> Kalamazoo, MI  49008                 Phone:  (616) 387-5430
> ________________________________________________
> Kerberos mailing list           Kerberos at


More information about the Kerberos mailing list