fd (file descriptor) leak in replay cache

Robbie Harwood rharwood at redhat.com
Thu Apr 20 10:01:19 EDT 2017

Parity error <bootup32 at gmail.com> writes:

> We have been using the kerberos 1.10.3 library and we find that
> occasionally a lot of the following files are kept open by the library
> and they fill up the fd limit of the process,

Hopefully someone else has a more detailed answer for you, but there
have been 82 commits since then which are leak fixes, some of which may
relate to the problem.  So: "probably".

Unfortunately, krb5-10 is from early 2012.  MIT upstream focuses most
support efforts around 1.15-series (current release) and 1.14-series
(maintenance release).

If you can reproduce it on another system, perhaps try with a newer krb5
and see?  (Based on the version, you're using Centos6; Centos7 has
krb5-1.14.1 at the time of writing.)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20170420/c228e891/attachment.bin

More information about the Kerberos mailing list