Description of problem: When not logged into e.g. the Red Hat internal network via VPN, i.e. the configured Kerberos servers are not resolvable, having krb5-auth-dialog causes real DNS storms (several hundred packets per second) which have even caused my WLAN card to wedge once. Version-Release number of selected component (if applicable): krb5-auth-dialog-0.6.cvs20060212-1 krb5-libs-1.4.3-4.1 krb5-workstation-1.4.3-4.1 How reproducible: Easy Steps to Reproduce: 1. Have your KRB5 servers not resolvable (e.g. log off the VPN) 2. Have krb5-auth-dialog running 3. Watch your NIC activity light go bonkers and/or run tcpdump/ethereal Actual results: Will attach about 1 second of "tcpdump -A ... udp port 53", the DNS server will not magically know about those servers, even if asked a million times ;-) Expected results: Should determine when they're not resolvable/reachable and perhaps only try once a minute or so. Additional info:
Likely the same problem, but I also see that if the krb servers are not available when the tickets expire and need renewing, krb-auth-dialog goes into a CPU bound loop and must be killed.
Perhaps that would explain why I manually need to use kinit (i.e. krb5-auth-dialog doesn't ask for a password when the krb servers become available) once e.g. logging into the VPN (where the KRB servers are).
krb5-auth-dialog-0.6.cvs20060212-1.1 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
Fedora Core 5 is no longer maintained. Is this bug still present in Fedora 7 or Fedora 8?
I believe not.