KDC segmentation fault on krb5kdc

Greg Hudson ghudson at MIT.EDU
Wed Nov 28 11:26:03 EST 2012

On 11/27/2012 01:34 PM, Abhilash S wrote:
> we are running krb5 in thread option (krb5kdc -w 4)

The krb5kdc -w flag does not use threads, just processes.

> some times child process hangs with out a clean shutdown and we need to
> manually kill the hanging process

Having to manually kill KDC processes after a child process crashes is
unexpected.  The intention (which holds true in my tests) is that if any
child KDC process dies, the master process kills all of the other child
processes and exits.  From the log messages you quote, it looks like the
master process was at least beginning to do that.

>>From Syslog we saw segmentation fault on krb5kdc
>  kernel: krb5kdc[18176]: segfault at 0 ip 0000000000407781 sp
> 00007fff250d0ca0 error 4 in krb5kdc[400000+1b000]
> Is there any issue in running KDC in multithread model ?

I'm not aware of any issues specific to the krb5kdc worker process
feature.  I am aware of a null pointer dereference vulnerability in krb5
1.9.2, however, which is fixed in later releases (1.9.4 or 1.10.x).

More information about the krbdev mailing list