Proper heimdal kerberos KDC replication setup (hprop/hpropd)

9.1-RELEASE i386

The general question is: how to properly set up the Kerberos KDC replication system?

The database is in DBM format with a master key, stored in /var/heimdal, the generic setup. I can't find any system /etc/rc.d scripts to launch the hpropd replication server. I tried to launch the hpropd daemon via inetd; the config is:
Code:
krb5_prop stream tcp wait root /usr/libexec/hpropd hpropd
but hpropd fails to determine that it's launched via inetd and opens a listening socket too, so the sending process
Code:
[root@h01 /etc]# /usr/libexec/hprop h02
... zzz
hangs and does nothing. Specifying the -n parameter to hpropd
Code:
krb5_prop stream tcp wait root /usr/libexec/hpropd hpropd -n
introduces another problem:
Code:
...
Apr  7 16:59:50 h02 hpropd[2178]: krb5_read_message: Socket is not connected
Apr  7 16:59:50 h02 inetd[1914]: /usr/libexec/hpropd[2178]: exited, status 1
Apr  7 16:59:50 h02 hpropd[2179]: krb5_read_message: Socket is not connected
Apr  7 16:59:50 h02 inetd[1914]: /usr/libexec/hpropd[2179]: exited, status 1
Apr  7 16:59:50 h02 hpropd[2180]: krb5_read_message: Socket is not connected
Apr  7 16:59:50 h02 inetd[1914]: /usr/libexec/hpropd[2180]: exited, status 1
Apr  7 16:59:50 h02 inetd[1914]: krb5_prop/tcp server failing (looping), service terminated
hprop terminates with error too:
Code:
[root@h01 /etc]# /usr/libexec/hprop h02
hprop: krb5_sendauth (h02): read: Connection reset by peer
[root@h01 /etc]#

The only way hpropd works fine is when it's launched as a daemon, but it terminates each time the replication session finishes, so it needs to be wrapped in some restarting loop. Do I need to craft some scripts myself, or are there ready-made ones somewhere? The same question applies to hprop (the client side). Should I launch the hprop tool via cron or via a shell script? Perhaps something like this:
Code:
while true; do /usr/libexec/hprop h02 h03 h15; sleep 3600; done &
echo $! > /var/run/hprop.pid
 
The problem is solved.

The cause was the wait/nowait inetd configuration parameter. When the service is started with the wait clause, it will handle connections sequentially and will not be presented with an actual socket (but a pipe); that's why hpropd failed to determine that it was launched via inetd and opened another socket.

The server-side /etc/inetd.conf:
Code:
krb5_prop stream tcp nowait root /usr/libexec/hpropd hpropd
The client-side /etc/crontab:
Code:
*/15 * * * * root /usr/libexec/hprop h02 h03 h15
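A small shell check for the two things this thread settled on (an added example, not the poster's code): it classifies the krb5_prop entry in an inetd.conf as nowait or wait, and spots the inetd "looping" message in syslog. The config files are constructed for the demo; the log excerpt reuses the lines quoted above.

```shell
#!/bin/sh
# Added example, not from the thread: audit the server-side inetd.conf entry
# for hpropd and detect the inetd "looping" symptom in syslog. The config
# files below are constructed; the log lines are copied from the thread.

# Classify the first uncommented krb5_prop entry in an inetd.conf:
#   ok      - stream tcp nowait: inetd accepts and hands hpropd the connection
#   wait    - stream tcp wait:   the setting that broke hpropd in the thread
#   missing - no krb5_prop entry at all
check_krb5_prop() {
    entry=$(grep -v '^[[:space:]]*#' "$1" | awk '$1 == "krb5_prop"' | head -n 1)
    if [ -z "$entry" ]; then echo missing; return 0; fi
    # inetd.conf fields: service socktype proto wait/nowait[/max] user server args
    set -- $entry
    case "$2/$3/$4" in
        stream/tcp/nowait*) echo ok ;;
        stream/tcp/wait*)   echo wait ;;
        *)                  echo unexpected ;;
    esac
}

# Return 0 if syslog shows inetd shutting the service down after repeated
# hpropd failures, 1 otherwise.
hpropd_looping() {
    grep -q 'krb5_prop/tcp server failing (looping)' "$1"
}

# Constructed sample files
GOOD_CONF=$(mktemp); BAD_CONF=$(mktemp); SAMPLE_LOG=$(mktemp)
printf '%s\n' '# replication from the master KDC' \
  'krb5_prop stream tcp nowait root /usr/libexec/hpropd hpropd' > "$GOOD_CONF"
printf '%s\n' 'krb5_prop stream tcp wait root /usr/libexec/hpropd hpropd' > "$BAD_CONF"
cat > "$SAMPLE_LOG" <<'EOF'
Apr  7 16:59:50 h02 hpropd[2178]: krb5_read_message: Socket is not connected
Apr  7 16:59:50 h02 inetd[1914]: /usr/libexec/hpropd[2178]: exited, status 1
Apr  7 16:59:50 h02 inetd[1914]: krb5_prop/tcp server failing (looping), service terminated
EOF

echo "good conf: $(check_krb5_prop "$GOOD_CONF")"   # ok
echo "bad conf:  $(check_krb5_prop "$BAD_CONF")"    # wait
hpropd_looping "$SAMPLE_LOG" && echo "inetd gave up on krb5_prop, check the wait/nowait field"
```

Run it against the real /etc/inetd.conf and /var/log/messages on the slave KDC to confirm the nowait entry is in place and that inetd is no longer terminating the service.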
 