[24252] in Kerberos
Re: Assertion failuers
daemon@ATHENA.MIT.EDU (Phil Dibowitz)
Fri Jul 8 00:57:03 2005
Date: Thu, 7 Jul 2005 21:56:04 -0700
From: Phil Dibowitz <phil@usc.edu>
To: Ken Raeburn <raeburn@mit.edu>
Message-ID: <20050708045604.GK8907@usc.edu>
Mail-Followup-To: Ken Raeburn <raeburn@MIT.EDU>, kerberos@mit.edu,
Toan Nguyen <toan@usc.edu>
Mime-Version: 1.0
In-Reply-To: <b0fa5cba2dd4116a593205839e502618@mit.edu>
cc: Toan Nguyen <toan@usc.edu>
cc: kerberos@mit.edu
Content-Type: multipart/mixed; boundary="===============72687204075033773=="
Errors-To: kerberos-bounces@mit.edu
--===============72687204075033773==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="xrRZJmfMt0dTT4Ad"
Content-Disposition: inline
--xrRZJmfMt0dTT4Ad
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jul 07, 2005 at 10:37:52PM -0400, Ken Raeburn wrote:
> Without a bit more data, it's hard to tell. Do these applications link=
=20
> against the pthread library? Did you give any interesting options when=
=20
> configuring the Kerberos code? What did configure report when it went=20
> looking for pthread_once?
Well, with openssh it's simply --with-kerberos5=3D/usr/lsd/kerberos/default
But it's pretty much anything that uses 1.4.1 including homegrown software -
but only on 2.6.
Here's and ldd output (note that /usr/lsd/kerberos/default is the same as
/usr/lsd/kerberos/5-1.4.1 in this case - it's a symlink):
[root@ain openssh]# ldd default/sbin/sshd
libbsm.so.1 =3D> /usr/lib/libbsm.so.1
libpam.so.1 =3D> /usr/lib/libpam.so.1
libdl.so.1 =3D> /usr/lib/libdl.so.1
libresolv.so.2 =3D> /usr/lib/libresolv.so.2
libcrypto.so.0.9.7 =3D>
/usr/lsd/openssl/default-0.9.7/lib/libcrypto.so.0.9.7
libposix4.so.1 =3D> /usr/lib/libposix4.so.1
libz.so =3D> /usr/lib/libz.so
libsocket.so.1 =3D> /usr/lib/libsocket.so.1
libnsl.so.1 =3D> /usr/lib/libnsl.so.1
libgssapi_krb5.so.2 =3D>
/usr/lsd/kerberos/5-1.4.1/lib/libgssapi_krb5.so.2
libkrb5.so.3 =3D> /usr/lsd/kerberos/5-1.4.1/lib/libkrb5.so.3
libk5crypto.so.3 =3D>
/usr/lsd/kerberos/5-1.4.1/lib/libk5crypto.so.3
libkrb5support.so.0 =3D>
/usr/lsd/kerberos/5-1.4.1/lib/libkrb5support.so.0
libcom_err.so.3 =3D> /usr/lsd/kerberos/5-1.4.1/lib/libcom_err=
=2Eso.3
libc.so.1 =3D> /usr/lib/libc.so.1
libaio.so.1 =3D> /usr/lib/libaio.so.1
libmp.so.2 =3D> /usr/lib/libmp.so.2
And it turns out that with ssh it's either kerb auth or password auth that
will kill it, but sshkey auth works.
[root@ain openssh]# /usr/lsd/openssh/3.9p1.new/sbin/sshd -p 1022 -ddd
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len =3D 367
debug2: parse_server_config: config /etc/ssh/sshd_config len 367
debug1: sshd version OpenSSH_3.9p1
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: rexec_argv[0]=3D'/usr/lsd/openssh/3.9p1.new/sbin/sshd'
debug1: rexec_argv[1]=3D'-p'
debug1: rexec_argv[2]=3D'1022'
debug1: rexec_argv[3]=3D'-ddd'
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 1022 on 0.0.0.0.
Server listening on 0.0.0.0 port 1022.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd =3D 10 config len 367
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 10
Assertion failed: i->did_run !=3D 0, file
=2E./../../../src/lib/krb5/../../include/k5-platform.h, line 232
Abort
[root@ain openssh]#=20
--=20
Phil Dibowitz
Systems Architect and Administrator
Enterprise Infrastructure / ISD / USC
UCC 180 - 213-821-5427
--xrRZJmfMt0dTT4Ad
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFCzgdk7lkZ1Iyv898RAhn6AKDUTRXxWcPtLxbGa1EPI6m6P8RplgCg2AWv
E8fyfCCjnNZbZytKY2NZF1U=
=6aQE
-----END PGP SIGNATURE-----
--xrRZJmfMt0dTT4Ad--
--===============72687204075033773==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--===============72687204075033773==--
