From basch@alum.mit.edu Sun Mar 18 15:53:30 2018 Return-Path: Received: from mta10.srv.hcvlny.cv.net (mta10.srv.hcvlny.cv.net [167.206.4.205]) by krbdev.mit.edu (Postfix) with ESMTPS id 68F414FB85 for ; Sun, 18 Mar 2018 15:53:30 -0400 (EDT) X-Content-Analysis: v=2.1 cv=bPfrW6KZ c=1 sm=1 tr=0 a=n+6dpZyqN8Ukwn9TnfXj7Q==:117 a=n+6dpZyqN8Ukwn9TnfXj7Q==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=IkcTkHD0fZMA:10 a=v2DPQv5-lfwA:10 a=Gz7s5_CCAAAA:8 a=ctox3FOh2Sd9kxOMtD8A:9 a=QEXdDO2ut3YA:10 Received: from [24.190.185.144] ([24.190.185.144:60386] helo=k9.internal.bright-prospects.com) by mta2.srv.hcvlny.cv.net (envelope-from ) (ecelerity 3.6.9.48312 r(Core:3.6.9.0)) with ESMTP id 73/62-03148-9B3CEAA5; Sun, 18 Mar 2018 15:53:30 -0400 Received: from [192.168.15.187] (unknown [192.168.15.187]) by k9.internal.bright-prospects.com (Postfix) with ESMTP id BBEC485CE1 for ; Sun, 18 Mar 2018 15:53:29 -0400 (EDT) From: Richard Basch Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: [krbdev.mit.edu #8651] kinit -kt KDB: Cannot find/read stored master key Date: Sun, 18 Mar 2018 15:53:29 -0400 References: <83EEBEA3-C3D0-4276-8547-51FF3A3849CD@alum.mit.edu> <1BAFA6C1-FCDD-477B-8146-D1A841D62763@alum.mit.edu> To: rt-comment@KRBDEV-PROD-APP-1.mit.edu In-Reply-To: <1BAFA6C1-FCDD-477B-8146-D1A841D62763@alum.mit.edu> Message-ID: X-Mailer: Apple Mail (2.3273) RT-Send-Cc: Content-Length: 1837 I see a second open of the fd in the strace… apparently, in some circumstances, it is resulting in a double-read. > On Mar 18, 2018, at 3:51 PM, Richard Basch wrote: > > This might indicate it did a double read of the config file where the data was already consumed… second read may have failed. > But why sporadically? > >> On Mar 18, 2018, at 3:44 PM, Richard Basch wrote: >> >> There was one other small nuance in my test… I used a custom kdc.conf, specified as a bash sub-command: >> >> KRB5_KDC_PROFILE=<(printf …) … >> >> That said, the strace showed it reading from /dev/fd/63 with data returned such as the database_name, so there is no obvious failure on the shell to provide the fd or that the fd was inaccessible. (The only reason I use this syntax to generate a custom KRB5_KDC_PROFILE is to circumvent defining the kadm5_dict_file and loading some of the kadm5 hooks which don’t apply for the kinit operations - this method significantly improves the performance, when it doesn’t sporadically fail.) >> >> >>> On Mar 18, 2018, at 3:31 PM, Greg Hudson via RT wrote: >>> >>> I tried running the same script (inside "make testrealm", and gwithout >>> the env var settings since that's already taken care of) and >>> unfortunately couldn't reproduce the issue, with either master or 1.15. >>> >>> Knowing that it was trying to read the stash file from the unconfigured >>> location is interesting; it suggests perhaps an earlier failure to read >>> $KRB5_KDC_CONFIG or something. But I still can't come up with a theory >>> as to what the bug might be. >>> _______________________________________________ >>> krb5-bugs mailing list >>> krb5-bugs@mit.edu >>> https://mailman.mit.edu/mailman/listinfo/krb5-bugs >> >