Bug 71526

Summary: kinit -f -t kerb_tab core dumps.
Product: Red Hat Enterprise Linux 3 Reporter: Stephen John Smoogen <smooge>
Component: krb5Assignee: Nalin Dahyabhai <nalin>
Status: CLOSED WONTFIX QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 3.0CC: notting
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-19 19:36:33 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Description Flags
Strace of coredumping kinit.
Fix from LANL to deal with kinit -t -k problems none

Description Stephen John Smoogen 2002-08-14 19:13:04 UTC
Description of Problem:

kinit will core dump on 'personal' servtabs. This problem seems to be Linux
oriented as compiling the code on Solaris 2.6/7/8 does not cause a core dump.

This bug seems very similar to the one in 11483 but I dont know how much of the
code base has changed. I have duplicated the problem in 7.0/7.1/7.2/7.3 and the
latest rawhide sourcecode.

smoogen:{smoogen}$ /usr/kerberos/sbin/kadmin -p smoogen@lanl.gov
Authenticating as principal smoogen@lanl.gov with password.
Enter password:
kadmin:  ktadd -k kerb_tab smoogen@lanl.gov
Entry for principal smoogen@lanl.gov with kvno 5, encryption type DES
cbc mode with CRC-32 added to keytab WRFILE:kerb_tab.
kadmin:  exit

smoogen:{smoogen}$ /usr/kerberos/bin/kinit -k -t kerb_tab
Segmentation fault (core dumped)

Doing a core-dump trace.. it looks like it is occuring in a free...

(gdb) where
#0  0x4207aced in free () from /lib/i686/libc.so.6
#1  0x40079af8 in krb5_free_keyblock () from
#2  0x400777c4 in krb5_get_as_key_keytab () from
#3  0x400775d8 in krb5_get_init_creds () from
#4  0x400778f6 in krb5_get_init_creds_keytab ()
   from /usr/kerberos/lib/libkrb5.so.3
#5  0x0804ac51 in kinit_prompter ()
#6  0x0804b576 in kinit_prompter ()
#7  0x42017589 in __libc_start_main () from /lib/i686/libc.so.6

Will attach strace output in short while (with hostnames changed due to govt).

Comment 1 Stephen John Smoogen 2002-08-14 19:13:48 UTC
Created attachment 70664 [details]
Strace of coredumping kinit.

Comment 2 Stephen John Smoogen 2002-10-01 18:15:36 UTC
Created attachment 77864 [details]
Fix from LANL to deal with kinit -t -k problems

Comment 3 Bill Nottingham 2006-08-07 20:05:35 UTC
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still
running Red Hat Linux, you are strongly advised to upgrade to a
current Fedora Core release or Red Hat Enterprise Linux or comparable.
Some information on which option may be right for you is available at

Red Hat apologizes that these issues have not been resolved yet. We do
want to make sure that no important bugs slip through the cracks.
Please check if this issue is still present in a current Fedora Core
release. If so, please change the product and version to match, and
check the box indicating that the requested information has been
provided. Note that any bug still open against Red Hat Linux on will be
closed as 'CANTFIX' on September 30, 2006. Thanks again for your help.

Comment 4 Stephen John Smoogen 2006-08-26 17:11:30 UTC
This problem is replicatable in RHEL-2 and RHEL-3 at the old workplace. I will
move to RHEL. I do not have access to a kerberos server at this time so will not
be able to replicate again. Please assign to who-ever is doing kerberos at this
time as Nalin I think is doing other things.

Comment 5 RHEL Product and Program Management 2007-10-19 19:36:33 UTC
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.