duplicate logging in file
Dave Steiner
steiner at oit.rutgers.edu
Thu Jun 30 11:45:09 EDT 2011
On 6/29/2011 6:27 PM, Tom Yu wrote:
> Dave Steiner<steiner.dave at gmail.com> writes:
>
>> I have the following in my krb5.conf:
>>
>> [logging]
>> # kdc = SYSLOG:INFO:LOCAL2
>> # admin_server = SYSLOG:INFO:LOCAL2
>> admin_server = FILE:/export/home/kerberos/var/
>> admin_server.log
>> kdc = FILE:/export/home/kerberos/var/krb5kdc.log
>> kdc_rotate = {
>> period = 1d
>> versions = 20
>> }
>>
>> and I'm getting two of every message in the krb5kdc.log. Am I missing
>> something here? It was doing this on v1.6.3 and on v1.9.1.
> It's likely that the setting is getting read twice somehow. Where did
> you put your krb5.conf? And what options did you use when building?
> Might there be another krb5.conf or kdc.conf somewhere with that
> logging setting?
Ah, the fun of inheriting a setup.... All of our Kerberos files are in
/usr/local/kerberos. We also have the following links setup:
# ls -l /etc/krb5.conf /etc/krb5/krb5.conf
lrwxrwxrwx 1 root root 16 Aug 2 2006 /etc/krb5.conf ->
./krb5/krb5.conf
lrwxrwxrwx 1 root root 33 Mar 22 16:00 /etc/krb5/krb5.conf
-> /usr/local/kerberos/etc/krb5.conf
So when configuring I use '--prefix=/usr/local/kerberos'. So I found the
following in include/osconf.h:
#define DEFAULT_SECURE_PROFILE_PATH
"/etc/krb5.conf:/usr/local/kerberos/etc/krb5.conf"
#define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH
which is how it get's two copies of krb5.conf and therefore the doubled logging.
BTW, I also have the following for each realm in my kdc.conf:
profile = /usr/local/kerberos/etc/krb5.conf
but I suspect this is not involved in this problem. True?
So is the best way to fix this is to edit osconf.h after I run configure? Or
can I fix this with a configure switch?
thanks,
ds
--
Dave Steiner steiner at rutgers.edu
Identity Management, ESS ASB101; 732.445.5433
Rutgers University, Office of Information Technology
More information about the Kerberos
mailing list