On Thu, Jul 19, 2012 at 4:08 PM, Trond Hasle Amundsen <[email protected]> wrote: > inode0 <[email protected]> writes: > >> So all of my RHEL6.3 boxes that use kerberos for authentication suffer >> breakage after updating glibc. Downgrading glibc* restores them to >> expected behavior. With the new glibc installed I have seen both >> gssapi-with-mic and password auth fail on ssh connections. Lots of >> spewage from pam about not being able to find users or resolve hosts. >> pam_succeed_if for instance can no longer find users not local to the >> machine. >> >> Has anyone else encountered anything like this with the recent update? > > Just guessing... If you have IPv6 addresses in resolv.conf, you could > have been bitten by this rather nasty bug: > > https://bugzilla.redhat.com/show_bug.cgi?id=835090 > https://bugzilla.redhat.com/show_bug.cgi?id=837026 > > An errata was issued yesterday.
I sort of think I am being bitten by the fix. With or without IPv6 addresses in resolv.conf we had working systems prior to applying that update and broken systems after applying it. And reverting that update makes everything work again. Since the errors I see in pam are potentially related to that bit of the update though (failures to resolve the kdc, failures to find the username) I'm guessing there is a connection here. John _______________________________________________ rhelv6-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv6-list
