Double logs from the KDC

Jeremy Hunt jeremyh at optimation.com.au
Mon Nov 28 20:39:42 EST 2005 

No it is not a duplicate interface, I think it is a problem when you 
define HAVE_SYSLOG during your build. If you use src/configure in your 
build pocess, you probably do have it defined.

The problem is in src/lib/kadm5/logger.c which gives you two log 
messages about 35 lines apart when HAVE_SYSLOG is defined. Because the 
first one has a comment implying that it always logs important stuff, I 
comment out the second in that part of the code that interrogates the 
configured log control entries. But I chose that because I like to log 
everything :).

 I have a patch which works for kerberos 1.4.x, which I think resolves 
it, but I am still testing this and a bunch of other changes.

diff -Nur Krb5.current/src/lib/kadm5/logger.c 
Krb5.our.mods/src/lib/kadm5/logger.c
--- Krb5.current/src/lib/kadm5/logger.c 2002-09-19 06:44:13.000000000 +1000
+++ Krb5.our.mods/src/lib/kadm5/logger.c        2005-11-23 
14:58:31.000000000 +1
100
@@ -895,16 +895,22 @@
                        log_control.log_entries[lindex].ldu_devname);
            }
            break;
-#ifdef HAVE_SYSLOG
-       case K_LOG_SYSLOG:
+// OUR change - Duplicate log
+/* This appears to duplicate syslog messages - why
+ * #ifdef      HAVE_SYSLOG
+ *      case K_LOG_SYSLOG:
+// end OUR change
            /*
             * System log.
             */

            /* Log the message with our header trimmed off */
-           syslog(priority, "%s", syslogp);
-           break;
+// OUR change - Duplicate log
+/*          syslog(priority, "%s", syslogp);
+ *          break;
 #endif /* HAVE_SYSLOG */
+/* I have removed it : jeremyh */
+// end OUR change
        default:
            break;
        }

I hope this helps,

Jeremy

sh0487 wrote:
> [safeTgram (optim1) receive status: NOT encrypted, NOT signed.]
>
>
> I've seen this happen on KDC's that have two ethernet interfaces.  Is that 
> the case here?
>
> Steve Harper
>
> On Sun, 27 Nov 2005, Fredrik Tolf wrote:
>
>   
>> Hi List!
>>
>> I have a small problem with my MIT KDC: All log messages are logged
>> twice. It's not exactly a life threatening problem, but quite annoying.
>>
>> I have configured logging to log both to a file and to syslog, and the
>> log messages appear twice in both the file and in syslog. When looking
>> in /proc/`pidof krb5kdc`/fd (it's running on Linux), I can also see that
>> it has opened the logfile on two file descriptors.
>>
>> My log configuration from /etc/krb5.conf looks like this:
>> [logging]
>>        kdc = FILE:/var/log/krb5kdc.log
>>        kdc = SYSLOG:INFO:DAEMON
>>        admin_server = FILE:/var/log/kadmin.log
>>        admin_server = SYSLOG:INFO:DAEMON
>>        default = FILE:/var/log/krb5lib.log
>>
>> The logs from the kadmin daemon appear twice, as well. Does someone know
>> why this happens?
>>
>> Fredrik Tolf
>>
>>
>> ________________________________________________
>> Kerberos mailing list           Kerberos at mit.edu
>> https://mailman.mit.edu/mailman/listinfo/kerberos
>>
>>     
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
>
>

More information about the Kerberos mailing list