Assertion failuers

Phil Dibowitz phil at usc.edu
Fri Jul 8 00:56:04 EDT 2005 

On Thu, Jul 07, 2005 at 10:37:52PM -0400, Ken Raeburn wrote:
> Without a bit more data, it's hard to tell.  Do these applications link 
> against the pthread library?  Did you give any interesting options when 
> configuring the Kerberos code?  What did configure report when it went 
> looking for pthread_once?

Well, with openssh it's simply --with-kerberos5=/usr/lsd/kerberos/default

But it's pretty much anything that uses 1.4.1 including homegrown software -
but only on 2.6.

Here's and ldd output (note that /usr/lsd/kerberos/default is the same as
/usr/lsd/kerberos/5-1.4.1 in this case - it's a symlink):

[root at ain openssh]# ldd default/sbin/sshd
        libbsm.so.1 =>   /usr/lib/libbsm.so.1
        libpam.so.1 =>   /usr/lib/libpam.so.1
        libdl.so.1 =>    /usr/lib/libdl.so.1
        libresolv.so.2 =>        /usr/lib/libresolv.so.2
        libcrypto.so.0.9.7 =>
/usr/lsd/openssl/default-0.9.7/lib/libcrypto.so.0.9.7
        libposix4.so.1 =>        /usr/lib/libposix4.so.1
        libz.so =>       /usr/lib/libz.so
        libsocket.so.1 =>        /usr/lib/libsocket.so.1
        libnsl.so.1 =>   /usr/lib/libnsl.so.1
        libgssapi_krb5.so.2 =>
/usr/lsd/kerberos/5-1.4.1/lib/libgssapi_krb5.so.2
        libkrb5.so.3 =>  /usr/lsd/kerberos/5-1.4.1/lib/libkrb5.so.3
        libk5crypto.so.3 =>
/usr/lsd/kerberos/5-1.4.1/lib/libk5crypto.so.3
        libkrb5support.so.0 =>
/usr/lsd/kerberos/5-1.4.1/lib/libkrb5support.so.0
        libcom_err.so.3 =>       /usr/lsd/kerberos/5-1.4.1/lib/libcom_err.so.3
        libc.so.1 =>     /usr/lib/libc.so.1
        libaio.so.1 =>   /usr/lib/libaio.so.1
        libmp.so.2 =>    /usr/lib/libmp.so.2


And it turns out that with ssh it's either kerb auth or password auth that
will kill it, but sshkey auth works.

[root at ain openssh]# /usr/lsd/openssh/3.9p1.new/sbin/sshd -p 1022 -ddd
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 367
debug2: parse_server_config: config /etc/ssh/sshd_config len 367
debug1: sshd version OpenSSH_3.9p1
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: rexec_argv[0]='/usr/lsd/openssh/3.9p1.new/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='1022'
debug1: rexec_argv[3]='-ddd'
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 1022 on 0.0.0.0.
Server listening on 0.0.0.0 port 1022.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 10 config len 367
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 10
Assertion failed: i->did_run != 0, file
../../../../src/lib/krb5/../../include/k5-platform.h, line 232
Abort
[root at ain openssh]# 

-- 
Phil Dibowitz
Systems Architect and Administrator
Enterprise Infrastructure / ISD / USC
UCC 180 - 213-821-5427

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20050707/d6d6d2fc/attachment.bin

More information about the Kerberos mailing list