Dear all,
after the upgrade from 8.2 to 8.3 one of the applications we use has unclear Kerberos authentication issues. I was going to diagnose these and tried: yum debuginfo-install krb5-libs
However, I get: Could not find debuginfo package for the following installed packages: krb5-libs-1.18.2-5.el8.x86_64 Could not find debugsource package for the following installed packages: krb5-libs-1.18.2-5.el8.x86_64
Checking on http://debuginfo.centos.org/8/x86_64/Packages/ , I do indeed not find these packages, also glibc and other debug info packages are missing.
Are they still being uploaded, or am I using a wrong repository?
Thanks and cheers, Oliver
On 08.12.20 23:02, Oliver Freyermuth via CentOS wrote:
after the upgrade from 8.2 to 8.3 one of the applications we use has unclear Kerberos authentication issues.
I can't tell anything regarding the debuginfo package, but I can point you into the direction, that DES support is dropped in release 8.3. Maybe this is the root cause of you issues.
Best regards Ulf
Am 11.12.20 um 18:55 schrieb Ulf Volmer:
On 08.12.20 23:02, Oliver Freyermuth via CentOS wrote:
after the upgrade from 8.2 to 8.3 one of the applications we use has unclear Kerberos authentication issues.
I can't tell anything regarding the debuginfo package, but I can point you into the direction, that DES support is dropped in release 8.3. Maybe this is the root cause of you issues.
Thanks for the pointer! Sadly, the only message the application gives is a "kvno mismatch", it would likely be helpful to get the actual underlying error by stepping into the library with gdb (the application we use eats the error message :-( ), since we don't operate the KDC but only the clients and want to provide a clear bug report (I also suspect this might be DES or 3DES related, though...). Since it does not affect all applications, I can't be sure it's an external issue, though.
I'll wait a bit longer, maybe somebody has an idea what happened to those debuginfo packages.
Cheers and thanks, Oliver
On 11.12.20 19:44, Oliver Freyermuth via CentOS wrote:
Am 11.12.20 um 18:55 schrieb Ulf Volmer:
On 08.12.20 23:02, Oliver Freyermuth via CentOS wrote:
after the upgrade from 8.2 to 8.3 one of the applications we use has unclear Kerberos authentication issues.
I can't tell anything regarding the debuginfo package, but I can point you into the direction, that DES support is dropped in release 8.3. Maybe this is the root cause of you issues.
Thanks for the pointer! Sadly, the only message the application gives is a "kvno mismatch", it would likely be helpful to get the actual underlying error by stepping into the library with gdb (the application we use eats the error message :-( ),
kvno is usally that your local ticket number did not match the version on the kerberos master. But I don't know how the encryption type can trigger this behavior.
since we don't operate the KDC but only the clients and want to provide a clear bug report (I also suspect this might be DES or 3DES related, though...).
It is difficult, if you don't operate the KDC. I would start with manually get a ticket and provide the output of "klist -e" and "klist -t" to the KDC operators.
Best regards Ulf
I only know how to find
Since it does not affect all applications, I can't be sure it's an external issue, though.
I'll wait a bit longer, maybe somebody has an idea what happened to those debuginfo packages.
Cheers and thanks, Oliver _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Am 11.12.20 um 20:21 schrieb Ulf Volmer:
On 11.12.20 19:44, Oliver Freyermuth via CentOS wrote:
Am 11.12.20 um 18:55 schrieb Ulf Volmer:
On 08.12.20 23:02, Oliver Freyermuth via CentOS wrote:
after the upgrade from 8.2 to 8.3 one of the applications we use has unclear Kerberos authentication issues.
I can't tell anything regarding the debuginfo package, but I can point you into the direction, that DES support is dropped in release 8.3. Maybe this is the root cause of you issues.
Thanks for the pointer! Sadly, the only message the application gives is a "kvno mismatch", it would likely be helpful to get the actual underlying error by stepping into the library with gdb (the application we use eats the error message :-( ),
kvno is usally that your local ticket number did not match the version on the kerberos master. But I don't know how the encryption type can trigger this behavior.
I could imagine something ugly like the (3)DES removal causing invisibility of some entries in the keytab, and then a problem arising when there is no matching kvno locally. Since our client application eats the underlying error, it's hard to debug.
since we don't operate the KDC but only the clients and want to provide a clear bug report (I also suspect this might be DES or 3DES related, though...).
It is difficult, if you don't operate the KDC. I would start with manually get a ticket and provide the output of "klist -e" and "klist -t" to the KDC operators.
Did that, thanks. Since they are already in holidays, this will likely take 'till next year, but maybe we'll also get debug symbols by then. Let's hope for the best :-).
Cheers and thanks, Oliver
Best regards Ulf
I only know how to find
Since it does not affect all applications, I can't be sure it's an external issue, though.
I'll wait a bit longer, maybe somebody has an idea what happened to those debuginfo packages.
Cheers and thanks, Oliver _______________________________________________
-
Oliver Freyermuth -
Ulf Volmer