When setting up a new slave, I usually have to manually copy the krb5kdc
folder to the slave, then propagation works.

Jason

Jason Edgecombe
Solaris & Linux Administrator
Mosaic Computing Group, College of Engineering
UNC-Charlotte
Phone: (704) 687-3514


-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
Behalf Of Andrea Cirulli
Sent: Tuesday, February 26, 2008 2:19 PM
To: kerberos@mit.edu
Cc: andrea.cirulli@valueteam.com
Subject: KDC Master/Slave replication and propagation

Hi all,
I'm trying to setup a master/slave KDC architecture on SOLARIS 9.
I' ve setup correctly the master and slave, but when I execute kprop
on the master to dispatch the Kerberos DB, the latter command yields
the following output:

Broken Pipe

In particular, if I execute kprop with truss this is what i obtain:
..
..
..
close(5) = 0
read(256, " # i d e n t\t " @ ( # )".., 1024) = 1024
read(256, " o t o c o l v 2\n l d".., 1024) = 1024
read(256, " 1 3 9 / u d p\t\t\t\t #".., 1024) = 1024
read(256, " c p\t\t\t\t # E C D ".., 1024) = 859
close(256) = 0
so_socket(PF_INET, SOCK_STREAM, IPPROTO_IP, "", 1) = 5
connect(5, 0xFFBFF878, 16, 1) = 0
getsockname(5, 0xFFBFF878, 0xFFBFF874, 1) = 0
write(5, "\0\0\013", 4) = 4
write(5, " K R B 5 _ S E N D A U T".., 19) = 19
write(5, "\0\0\0\n", 4) = 4
write(5, " k p r o p 5 _ 0 1\0", 10) = 10
read(5, "\0", 1) = 1
time() = 1204020515
getpid() = 14196 [14195]
getpid() = 14196 [14195]
getpid() = 14196 [14195]
write(5, "\0\001 u", 4) = 4
write(5, " n8201 q 08201 mA0030201".., 373) = 373
read(5, "\0\0\0\0", 4) = 4
read(5, "\0\0\0 S", 4) = 4
read(5, " o Q 0 OA003020105A10302".., 83) = 83
getpid() = 14196 [14195]
write(5, "\0\0\0 i", 4) = 4
write(5, " t g 0 eA003020105A10302".., 105) = 105
read(4, " k d b 5 _ u t i l l o".., 32768) = 7985
brk(0x0002B710) = 0
brk(0x0002D710) = 0
getpid() = 14196 [14195]
brk(0x0002D710) = 0
brk(0x0002F710) = 0
brk(0x0002F710) = 0
brk(0x00031710) = 0
write(5, "\0\01F9F", 4) Err#32 EPIPE
Received signal #13, SIGPIPE [default]

From the kpropd point of view, if I launch it in debug mode this is
what yields:

Visualizza come pagina Web

root@colcascsv # /usr/local/sbin/kpropd -r SOLARIS -dS -f /tmp/
lave_datatrans -F /usr/local/var/krb5kdc/principal -p /usr/local/sbin/
kdb5_util -a /usr/local/var/krb5kdc/kadm5.acl

Connection from colcascms
krb5_recvauth(5, kprop5_01, host/colcascsv@SOLARIS, ...)
authenticated client: host/colcascms@SOLARIS (etype == DES cbc mode
with CRC-32)

It seems that the slave KDC accepts the MASTER propagation, however
nothing is propagated.

Thanks in advance!

Beste regards,
Andrea


________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos