Alan DeKok wrote: > "George C. Kaplan" <[EMAIL PROTECTED]> wrote: > >> freeradius 1.1.1, compiled from ports with MIT kerberos support >> FreeBSD 5.5-PRERELEASE >> >>I'll file a bug report once my bugzilla password comes through. In the >>meantime, suggestions for more detailed troubleshooting here are welcome. > > > I don't run kerberos myself, so I'm unsure as to how to reproduce > it. Could you attach example krb.conf files, and the "krb5{}" section > from radiusd.conf?
I put some notes on a minimal radius config in bug report #365. A bare-bones version of our krb5.conf is attached. Substitute the FQHN of your system running a dummy kerberos server ('nc -l 88' works) in the 'kdc' line. If you've got it set up right, a 'radtest' will time out after several seconds with a "Cannot contact any KDC..." message in radius.log. If you HUP the radiusd before it times out, that should trigger the lockup. > Or, you could use gdb to attach to the running process. e.g. > > $ radiusd ... > $ ps -ef | grep radiusd > $ nice +15 <radiusd-pid> > <reproduce the problem> > $ gdb `which radiusd` <radiusd-pid> > > $ thread apply all bt full > $ cont > > You may have to do the last two steps a few times to see where the > server is locked. OK, I'll try to do this in the next day or so. -- George C. Kaplan [EMAIL PROTECTED] Communication & Network Services 510-643-0496 University of California at Berkeley
[libdefaults] default_realm = BERKELEY.EDU [realms] BERKELEY.EDU = { kdc = kerberos.berkeley.edu:88 }
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html