DB propagation silently fails
Jeff Blaine
jblaine at kickflop.net
Wed Apr 23 14:16:43 EDT 2008
Solved: kprop/kpropd doesn't work with DNS CNAME entries in
kpropd.acl
Jeff Blaine wrote:
> Does this help at all?
>
> ...
> ...
> 19230: so_socket(PF_INET, SOCK_STREAM, IPPROTO_IP, "", 1) = 5
> 19230: connect(5, 0xFFBFF6E0, 16, 1) = 0
> 19230: getsockname(5, 0xFFBFF6E0, 0xFFBFF6DC, 1) = 0
> 19230: write(5, "\0\0\013", 4) = 4
> 19230: write(5, " K R B 5 _ S E N D A U T".., 19) = 19
> 19230: write(5, "\0\0\0\n", 4) = 4
> 19230: write(5, " k p r o p 5 _ 0 1\0", 10) = 10
> 19230: read(5, "\0", 1) = 1
> 19230: time() = 1208966640
> 19230: getpid() = 19230 [19229]
> 19230: getpid() = 19230 [19229]
> 19230: getpid() = 19230 [19229]
> 19230: write(5, "\0\001CA", 4) = 4
> 19230: write(5, " n9201C6 08202C2A0030201".., 458) = 458
> 19230: read(5, "\0\0\0\0", 4) = 4
> 19230: read(5, "\0\0\0 _", 4) = 4
> 19230: read(5, " o ] 0 [A003030104A10302".., 95) = 95
> 19230: write(5, "\0\0\0 e", 4) = 4
> 19230: write(5, " t c 0 aA003030104A10302".., 101) Err#32 EPIPE
> 19230: Received signal #13, SIGPIPE [default]
>
>
> Jeff Blaine wrote:
>> Where's my -verbose flag for kprop! :) I'm obviously new to
>> this step (slave KDCs) so any debugging methods would be
>> helpful if shared. syslog shows nothing.
>>
>> % sudo kdb5_util dump /var/krb5kdc/slave_datatrans
>> % sudo kprop -f /var/krb5kdc/slave_datatrans rcf-kdc2.foo.com
>> %
>>
>> rcf-kdc2% pwd
>> /var/krb5kdc
>> rcf-kdc2% ls
>> kpropd.acl
>> rcf-kdc2%
>>
>> [ We build MIT krb5 with --localstatedir=/var on our KDCs ]
>>
>
More information about the Kerberos
mailing list