Bug 20932 - inconsistant kpasswd port
inconsistant kpasswd port
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: setup (Show other bugs)
7.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Wil Harris
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-11-15 19:20 EST by Chris Dunlop
Modified: 2007-04-18 12:29 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-11-20 16:45:31 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Chris Dunlop 2000-11-15 19:20:05 EST
/etc/services defines the kpasswd port to be 761. The kerberos source code
has it as:

krb5-1.2.1/src/include/krb5/stock/osconf.h:#define DEFAULT_KPASSWD_PORT	464

If you don't have kpasswd_server specified in /etc/krb5.conf (the default
install doesn't), the kerberos code then uses the hard-coded value rather
than the value specified in /etc/services. See
changepw.c:krb5_locate_kpasswd().
Comment 1 Chris Dunlop 2000-11-15 19:48:14 EST
/etc/services also specifies the kpasswd port as tcp:

kpasswd         761/tcp         kpwd            # Kerberos "passwd"


It should be udp: see
krb5-1.2.1/src/lib/krb5/os/locate_kdc.c:krb5_locate_srv_conf()
Comment 2 Chris Dunlop 2000-11-15 20:37:10 EST
kadmind will listen for password changes on the hard-coded 464 port unless your
kdc.conf contains the undocumented 'kpasswd_port' entry.
Comment 3 Nalin Dahyabhai 2000-11-20 16:45:28 EST
The entry in /etc/services corresponds to a never-officially-allocated port
number.  This is messy.  Reassigning to the "setup" component, which includes
the /etc/services file.  I'm going to have to go through it looking for other
port-number squatting.
Comment 4 Bill Nottingham 2001-01-29 13:28:28 EST
This is already fixed in rawhide.
Comment 5 Nalin Dahyabhai 2001-04-26 15:56:08 EDT
Fixed in the current release, via general cleanups in /etc/services, and a patch
David Wragg sent to krbdev.

Note You need to log in before you can comment on or make changes to this bug.