From basch@alum.mit.edu Sun Mar 18 15:45:00 2018 Return-Path: Received: from mta5.srv.hcvlny.cv.net (mta5.srv.hcvlny.cv.net [167.206.4.200]) by krbdev.mit.edu (Postfix) with ESMTPS id 883E54FB2F for ; Sun, 18 Mar 2018 15:45:00 -0400 (EDT) X-Content-Analysis: v=2.1 cv=UNEgZ3ry c=1 sm=1 tr=0 a=n+6dpZyqN8Ukwn9TnfXj7Q==:117 a=n+6dpZyqN8Ukwn9TnfXj7Q==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=IkcTkHD0fZMA:10 a=v2DPQv5-lfwA:10 a=Gz7s5_CCAAAA:8 a=v7qOUBpMMAjcYYZcGrUA:9 a=QEXdDO2ut3YA:10 Received: from [24.190.185.144] ([24.190.185.144:60318] helo=k9.internal.bright-prospects.com) by mta1.srv.hcvlny.cv.net (envelope-from ) (ecelerity 3.6.9.48312 r(Core:3.6.9.0)) with ESMTP id 70/9F-04056-CB1CEAA5; Sun, 18 Mar 2018 15:45:00 -0400 Received: from [192.168.15.187] (unknown [192.168.15.187]) by k9.internal.bright-prospects.com (Postfix) with ESMTP id AA86A801FE; Sun, 18 Mar 2018 15:44:59 -0400 (EDT) Content-Type: text/plain; charset=utf-8 MIME-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: [krbdev.mit.edu #8651] kinit -kt KDB: Cannot find/read stored master key From: Richard Basch In-Reply-To: Date: Sun, 18 Mar 2018 15:44:59 -0400 Content-Transfer-Encoding: quoted-printable Message-ID: <83EEBEA3-C3D0-4276-8547-51FF3A3849CD@alum.mit.edu> References: To: rt-comment@KRBDEV-PROD-APP-1.mit.edu X-Mailer: Apple Mail (2.3273) RT-Send-Cc: Content-Length: 1353 There was one other small nuance in my test… I used a custom kdc.conf, specified as a bash sub-command: KRB5_KDC_PROFILE=<(printf …) … That said, the strace showed it reading from /dev/fd/63 with data returned such as the database_name, so there is no obvious failure on the shell to provide the fd or that the fd was inaccessible. (The only reason I use this syntax to generate a custom KRB5_KDC_PROFILE is to circumvent defining the kadm5_dict_file and loading some of the kadm5 hooks which don’t apply for the kinit operations - this method significantly improves the performance, when it doesn’t sporadically fail.) > On Mar 18, 2018, at 3:31 PM, Greg Hudson via RT wrote: > > I tried running the same script (inside "make testrealm", and gwithout > the env var settings since that's already taken care of) and > unfortunately couldn't reproduce the issue, with either master or 1.15. > > Knowing that it was trying to read the stash file from the unconfigured > location is interesting; it suggests perhaps an earlier failure to read > $KRB5_KDC_CONFIG or something. But I still can't come up with a theory > as to what the bug might be. > _______________________________________________ > krb5-bugs mailing list > krb5-bugs@mit.edu > https://mailman.mit.edu/mailman/listinfo/krb5-bugs