[14493] in Kerberos
Re: KRB5 daemon problems
daemon@ATHENA.MIT.EDU (Dan Million)
Tue May 29 10:28:57 2001
From: Dan Million <lio@ornl.gov>
Date: Tue, 29 May 2001 09:57:46 -0400
Message-ID: <3B13AADA.D083A025@ornl.gov>
To: kerberos@MIT.EDU
Sam Hartman wrote:
>
> >>>>> "Sam" == Sam Hartman <hartmans@MIT.EDU> writes:
>
> >>>>> "Donn" == Donn Cave <donn@u.washington.edu> writes:
> Donn> Quoth Dan Million <lio@ornl.gov>: | While working another
> Donn> issue, Tom Yu told me that login.krb5 | was supposed to set
> Donn> the correct file permissions on forwarded | credentials. I
> Donn> modified my remote host to use login.krb5, | and whaddaya
> Donn> know, it also got rid of the "eof=^A" problem. | | This is
> Donn> on an AIX system, and at some point in the past, I | thought
> Donn> the prevailing wisdom was, "login.krb5 doesn't work | well
> Donn> on AIX, so symlink it to /usr/bin/login." And that's | what
> Donn> I've been doing ever since. Has that caveat gone away? |
> Donn> Is anyone else out there even using AIX? Hello? [Insert |
> Donn> sound of crickets chirping here...]
>
> Donn> We have AIX here. I have never tried /usr/bin/login, but
> Donn> would have been very surprised if it handled Kerberos
> Donn> credentials properly. As far as I know, there never has
> Donn> been any such caveat. There have been times when login.krb5
> Donn> isn't 100% out of the box on AIX, but what is?
>
> Sam> I ran into this problem at my past job and believe I had a
> Sam> work around. Apparently I didn't commit it to the MIT tree.
> Sam> Unfortunately I no longer have access to those changes so I'm
> Sam> not sure what the problem ended up being.
>
> I got information on what I fixed. The problem appears to be that
> packet mode on AIX is not working as krlogind.c expects. Can I get
> you to try making sure that TIOCPKT is undefined in
> src/appl/bsd/krlogind.c and see if that helps?
>
> Say adding
> #undef TIOCPKT
> just before the definition of protocol?
>
> If this works for you, perhaps we can come up with a cleaner fix.
I tried this out on my AIX 4.3.3 system, and encrypted rlogin no
longer hangs when I type a control-C. This is definite progress!!
Thanks.
As you say, maybe this can point the way to a cleaner fix.
Dan
