Bug 20932 - inconsistant kpasswd port
Summary: inconsistant kpasswd port
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: setup   
(Show other bugs)
Version: 7.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Wil Harris
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-11-16 00:20 UTC by Chris Dunlop
Modified: 2007-04-18 16:29 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-11-20 21:45:31 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Chris Dunlop 2000-11-16 00:20:05 UTC
/etc/services defines the kpasswd port to be 761. The kerberos source code
has it as:

krb5-1.2.1/src/include/krb5/stock/osconf.h:#define DEFAULT_KPASSWD_PORT	464

If you don't have kpasswd_server specified in /etc/krb5.conf (the default
install doesn't), the kerberos code then uses the hard-coded value rather
than the value specified in /etc/services. See
changepw.c:krb5_locate_kpasswd().

Comment 1 Chris Dunlop 2000-11-16 00:48:14 UTC
/etc/services also specifies the kpasswd port as tcp:

kpasswd         761/tcp         kpwd            # Kerberos "passwd"


It should be udp: see
krb5-1.2.1/src/lib/krb5/os/locate_kdc.c:krb5_locate_srv_conf()

Comment 2 Chris Dunlop 2000-11-16 01:37:10 UTC
kadmind will listen for password changes on the hard-coded 464 port unless your
kdc.conf contains the undocumented 'kpasswd_port' entry.

Comment 3 Nalin Dahyabhai 2000-11-20 21:45:28 UTC
The entry in /etc/services corresponds to a never-officially-allocated port
number.  This is messy.  Reassigning to the "setup" component, which includes
the /etc/services file.  I'm going to have to go through it looking for other
port-number squatting.

Comment 4 Bill Nottingham 2001-01-29 18:28:28 UTC
This is already fixed in rawhide.

Comment 5 Nalin Dahyabhai 2001-04-26 19:56:08 UTC
Fixed in the current release, via general cleanups in /etc/services, and a patch
David Wragg sent to krbdev.


Note You need to log in before you can comment on or make changes to this bug.