[29371] in Kerberos
RE: KDC Master/Slave replication and propagation
daemon@ATHENA.MIT.EDU (Edgecombe, Jason)
Tue Feb 26 15:00:20 2008
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Tue, 26 Feb 2008 14:30:18 -0500
Message-ID: <A01ABA2A211C644596549C5FF91C50E41D5C708B@EXEVS02.its.uncc.edu>
In-Reply-To: <6E7689A7-C59B-46BF-950B-A3F6024A6853@gmail.com>
From: "Edgecombe, Jason" <jwedgeco@uncc.edu>
To: "Andrea Cirulli" <acirulli@gmail.com>, <kerberos@mit.edu>
Cc: andrea.cirulli@valueteam.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
When setting up a new slave, I usually have to manually copy the krb5kdc
folder to the slave, then propagation works.
Jason
Jason Edgecombe
Solaris & Linux Administrator
Mosaic Computing Group, College of Engineering
UNC-Charlotte
Phone: (704) 687-3514
-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
Behalf Of Andrea Cirulli
Sent: Tuesday, February 26, 2008 2:19 PM
To: kerberos@mit.edu
Cc: andrea.cirulli@valueteam.com
Subject: KDC Master/Slave replication and propagation
Hi all,
I'm trying to setup a master/slave KDC architecture on SOLARIS 9.
I' ve setup correctly the master and slave, but when I execute kprop
on the master to dispatch the Kerberos DB, the latter command yields
the following output:
Broken Pipe
In particular, if I execute kprop with truss this is what i obtain:
.
.
.
close(5) = 0
read(256, " # i d e n t\t " @ ( # )".., 1024) = 1024
read(256, " o t o c o l v 2\n l d".., 1024) = 1024
read(256, " 1 3 9 / u d p\t\t\t\t #".., 1024) = 1024
read(256, " c p\t\t\t\t # E C D ".., 1024) = 859
close(256) = 0
so_socket(PF_INET, SOCK_STREAM, IPPROTO_IP, "", 1) = 5
connect(5, 0xFFBFF878, 16, 1) = 0
getsockname(5, 0xFFBFF878, 0xFFBFF874, 1) = 0
write(5, "\0\0\013", 4) = 4
write(5, " K R B 5 _ S E N D A U T".., 19) = 19
write(5, "\0\0\0\n", 4) = 4
write(5, " k p r o p 5 _ 0 1\0", 10) = 10
read(5, "\0", 1) = 1
time() = 1204020515
getpid() = 14196 [14195]
getpid() = 14196 [14195]
getpid() = 14196 [14195]
write(5, "\0\001 u", 4) = 4
write(5, " n8201 q 08201 mA0030201".., 373) = 373
read(5, "\0\0\0\0", 4) = 4
read(5, "\0\0\0 S", 4) = 4
read(5, " o Q 0 OA003020105A10302".., 83) = 83
getpid() = 14196 [14195]
write(5, "\0\0\0 i", 4) = 4
write(5, " t g 0 eA003020105A10302".., 105) = 105
read(4, " k d b 5 _ u t i l l o".., 32768) = 7985
brk(0x0002B710) = 0
brk(0x0002D710) = 0
getpid() = 14196 [14195]
brk(0x0002D710) = 0
brk(0x0002F710) = 0
brk(0x0002F710) = 0
brk(0x00031710) = 0
write(5, "\0\01F9F", 4) Err#32 EPIPE
Received signal #13, SIGPIPE [default]
From the kpropd point of view, if I launch it in debug mode this is
what yields:
Visualizza come pagina Web
root@colcascsv # /usr/local/sbin/kpropd -r SOLARIS -dS -f /tmp/
lave_datatrans -F /usr/local/var/krb5kdc/principal -p /usr/local/sbin/
kdb5_util -a /usr/local/var/krb5kdc/kadm5.acl
Connection from colcascms
krb5_recvauth(5, kprop5_01, host/colcascsv@SOLARIS, ...)
authenticated client: host/colcascms@SOLARIS (etype == DES cbc mode
with CRC-32)
It seems that the slave KDC accepts the MASTER propagation, however
nothing is propagated.
Thanks in advance!
Beste regards,
Andrea
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
