[krbdev.mit.edu #3237] Kerberos does not work inside Linux vservers
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Wed Nov 16 19:16:06 EST 2005
On Nov 16, 2005, at 17:07, Christophe Nowicki via RT wrote:
> Here is the output :
Thanks! That output looks good. Well, maybe... did you run it in
the same vserver environment that the KDC would run in? I'm guessing
that, in that case, we would only want to return one address. It
sort of depends -- does the vserver environment hide the other
addresses, or just not permit you access to them?
If you run the 1.4.2 KDC in the vserver environment, does it bind to
the correct addresses?
> The first interfaces (--> family 17 <getnameinfo error -6:
> ai_family not supported>)
> Seams to be the loopback interface.
According to my Linux system headers, it's the "packet family"
address type, which I'm not at all familiar with.
The loopback interface should be probed, the "loopback" flag found,
and the address dropped from the list before it's printed. (Maybe I
should've had you turn on the DEBUG flag when building, that might've
produced a little more output. Though looking at the code, there's
one major path where DEBUG doesn't add anything.)
Ken
More information about the krb5-bugs
mailing list