Config file definition in osconf.h and double log entries fromkrb5kdc and kadmind - Kerberos

This is a discussion on Config file definition in osconf.h and double log entries fromkrb5kdc and kadmind - Kerberos ; I have seen other posts on this topic but none of them were conclusive so I decided to give it a shot myself. I see double log entries from krb5kdc and kadmind. Long story short I ended up looking at ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Config file definition in osconf.h and double log entries fromkrb5kdc and kadmind

  1. Config file definition in osconf.h and double log entries fromkrb5kdc and kadmind

    I have seen other posts on this topic but none of them were conclusive
    so I decided to give it a shot myself. I see double log entries from
    krb5kdc and kadmind. Long story short I ended up looking at the
    osconf.h file and the definition for the configuration file. It is
    defined as

    #define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5.conf:@SYSCONFDIR/
    krb5.conf"
    #define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH

    if sysconfdir is undefined at configure time then it ends up being "/
    etc/krb5.conf:/etc/krb5.conf" and the same file is parsed twice
    opening the same file twice and getting double entries logged. Of
    course the behavior changes when the KRB5_CONFIG env variable is set
    (to a single file). In that case there are no duplicates in the log
    files. This is a workaround and I can see potentially some benefit
    when parsing multiple files. My question is if that is the intended
    behavior ( possibly parse multiple files ). And based on that would it
    or would it not make sense to define it only as "@SYSCONFDIR/
    krb5.conf" so that /etc/krb5.conf is not considered if sysconfigdir
    has an inteded value and if it doesn't it defaults to /etc/krb5.conf.
    Version is 1.4 but 1.6 looks similar too. Thanks.

    Borislav

  2. Re: Config file definition in osconf.h and double log entries fromkrb5kdc and kadmind

    > Date: Tue, 08 Apr 2008 11:39:20 PDT
    > To: kerberos@mit.edu
    > From: Borislav_S
    > Subject: Config file definition in osconf.h and double log entries from krb5kdc
    > *** and kadmind
    >
    > I have seen other posts on this topic but none of them were conclusive
    > so I decided to give it a shot myself. I see double log entries from
    > krb5kdc and kadmind. Long story short I ended up looking at the
    > osconf.h file and the definition for the configuration file. It is
    > defined as
    >
    > #define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5.conf:@SYSCONFDIR/
    > krb5.conf"
    > #define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH
    >
    > if sysconfdir is undefined at configure time then it ends up being "/
    > etc/krb5.conf:/etc/krb5.conf" and the same file is parsed twice
    > opening the same file twice and getting double entries logged. Of
    > course the behavior changes when the KRB5_CONFIG env variable is set
    > (to a single file). In that case there are no duplicates in the log
    > files. This is a workaround and I can see potentially some benefit
    > when parsing multiple files. My question is if that is the intended
    > behavior ( possibly parse multiple files ). And based on that would it
    > or would it not make sense to define it only as "@SYSCONFDIR/
    > krb5.conf" so that /etc/krb5.conf is not considered if sysconfigdir
    > has an inteded value and if it doesn't it defaults to /etc/krb5.conf.
    > Version is 1.4 but 1.6 looks similar too. Thanks.
    >
    > Borislav


    Yes, 1.6 has the same behavior. It would be much nicer if profile_path
    didn't default to the same file twice.

    A kludge that will avoid the double logging property is to
    edit /etc/krb5.conf and change this:
    [logging]*

    The * at the end of the top-level section start causes the section to be
    marked "finalized", which means it can't be changed by reading a later
    configuration file (including the same one twice).

    -Marcus Watts

+ Reply to Thread