krb5kdc: ASN.1 failed call to system time library - while
Ed Ravin
eravin at panix.com
Mon Jan 12 19:25:45 EST 2004
>From somewhere in cyberspace, jhutz at cmu.edu (Jeffrey Hutzelman) said:
>Are you by any chance running kinit --renewable? There is a known bug in
>heimdal which will cause that invocation to issue an invalid request to the
>KDC after 13:37:03 UTC this past Saturday, when UNIX time rolled over to
>0x40000000.
Holy Unix timestamp holidays!
>If this is the problem, you should be able to get it to work by dropping
>the --renewable, or adding --renewable-life=30d
We weren't doing that intentionally, but it clearly was the problem.
Adding "--renewable-life=30d" to the Heimdal kinit fixed it.
Thank you!
--
eravin@ | Grief can take care of itself; but to get the full
panix.com | value of a joy you must have somebody to divide it with.
| -- Mark Twain
More information about the Kerberos
mailing list