Alan DeKok wrote:
> "George C. Kaplan" <[EMAIL PROTECTED]> wrote:
>
>> freeradius 1.1.1, compiled from ports with MIT kerberos support
>> FreeBSD 5.5-PRERELEASE
>>
>>I'll file a bug report once my bugzilla password comes through. In the
>>meantime, suggestions for more detailed troubleshooting here are welcome.
>
>
> I don't run kerberos myself, so I'm unsure as to how to reproduce
> it. Could you attach example krb.conf files, and the "krb5{}" section
> from radiusd.conf?
I put some notes on a minimal radius config in bug report #365. A
bare-bones version of our krb5.conf is attached. Substitute the FQHN of
your system running a dummy kerberos server ('nc -l 88' works) in the
'kdc' line. If you've got it set up right, a 'radtest' will time out
after several seconds with a "Cannot contact any KDC..." message in
radius.log. If you HUP the radiusd before it times out, that should
trigger the lockup.
> Or, you could use gdb to attach to the running process. e.g.
>
> $ radiusd ...
> $ ps -ef | grep radiusd
> $ nice +15 <radiusd-pid>
> <reproduce the problem>
> $ gdb `which radiusd` <radiusd-pid>
>
> $ thread apply all bt full
> $ cont
>
> You may have to do the last two steps a few times to see where the
> server is locked.
OK, I'll try to do this in the next day or so.
--
George C. Kaplan [EMAIL PROTECTED]
Communication & Network Services 510-643-0496
University of California at Berkeley
[libdefaults]
default_realm = BERKELEY.EDU
[realms]
BERKELEY.EDU = {
kdc = kerberos.berkeley.edu:88
}
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
