KDC 1.15.1 - addprinc random failure

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

KDC 1.15.1 - addprinc random failure

Yegui Cai
Hi all.

I run KDC 1.15.1. At the host, I use kadmin.local to add a principle. Very
strange that my first attempt failed silently while the second attempt
succeeded. Here are the steps:

[root@gamma-hactive ~]# kadmin.local
Authenticating as principal hdfs/[hidden email] with password.
kadmin.local:  addprinc yegui
WARNING: no policy specified for [hidden email]; defaulting to no policy
Enter password for principal "[hidden email]":
Re-enter password for principal "[hidden email]":
Principal "[hidden email]" created.
kadmin.local:  getprinc yegui
get_principal: Principal does not exist while retrieving "[hidden email]
".
kadmin.local:  addprinc yegui
WARNING: no policy specified for [hidden email]; defaulting to no policy
Enter password for principal "[hidden email]":
Re-enter password for principal "[hidden email]":
Principal "[hidden email]" created.
kadmin.local:  getprinc yegui
Principal: [hidden email]
Expiration date: [never]
Last password change: Fri Feb 01 16:00:09 UTC 2019
Password expiration date: [never]
Maximum ticket life: 1 day 00:00:00
Maximum renewable life: 7 days 00:00:00
Last modified: Fri Feb 01 16:00:09 UTC 2019 (hdfs/[hidden email])
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 4
Key: vno 1, aes256-cts-hmac-sha1-96
Key: vno 1, aes128-cts-hmac-sha1-96
Key: vno 1, des3-cbc-sha1
Key: vno 1, arcfour-hmac
MKey: vno 1
Attributes: REQUIRES_PRE_AUTH
Policy: [none]

Any idea? Thanks!
Yegui
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: KDC 1.15.1 - addprinc random failure

Yegui Cai
Hi all.
I just found out that the issue was caused by some race conditions when I
experiment with master-master deployment. Please ignore this thread.
Cheers,
Yegui

On Fri, Feb 1, 2019 at 11:20 AM Yegui Cai <[hidden email]> wrote:

> Hi all.
>
> I run KDC 1.15.1. At the host, I use kadmin.local to add a principle. Very
> strange that my first attempt failed silently while the second attempt
> succeeded. Here are the steps:
>
> [root@gamma-hactive ~]# kadmin.local
> Authenticating as principal hdfs/[hidden email] with password.
> kadmin.local:  addprinc yegui
> WARNING: no policy specified for [hidden email]; defaulting to no
> policy
> Enter password for principal "[hidden email]":
> Re-enter password for principal "[hidden email]":
> Principal "[hidden email]" created.
> kadmin.local:  getprinc yegui
> get_principal: Principal does not exist while retrieving "
> [hidden email]".
> kadmin.local:  addprinc yegui
> WARNING: no policy specified for [hidden email]; defaulting to no
> policy
> Enter password for principal "[hidden email]":
> Re-enter password for principal "[hidden email]":
> Principal "[hidden email]" created.
> kadmin.local:  getprinc yegui
> Principal: [hidden email]
> Expiration date: [never]
> Last password change: Fri Feb 01 16:00:09 UTC 2019
> Password expiration date: [never]
> Maximum ticket life: 1 day 00:00:00
> Maximum renewable life: 7 days 00:00:00
> Last modified: Fri Feb 01 16:00:09 UTC 2019 (hdfs/[hidden email])
> Last successful authentication: [never]
> Last failed authentication: [never]
> Failed password attempts: 0
> Number of keys: 4
> Key: vno 1, aes256-cts-hmac-sha1-96
> Key: vno 1, aes128-cts-hmac-sha1-96
> Key: vno 1, des3-cbc-sha1
> Key: vno 1, arcfour-hmac
> MKey: vno 1
> Attributes: REQUIRES_PRE_AUTH
> Policy: [none]
>
> Any idea? Thanks!
> Yegui
>
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos