Source: krb5 Version: 1.12.1+dfsg-19+deb8u2 Severity: normal Tags: ipv6 It seems that, maybe due to the way systemd agressively parallelizes service startup, krb5-kdc and krb5-admin-server are unable to retrieve "packet info" for the IPv6 wildcard address on my system:
Apr 30 18:20:36 nathot krb5kdc[586]: Invalid argument - Cannot request packet info for udp socket address :: port 88 ... Apr 30 18:20:36 nathot kadmind[589]: Invalid argument - Cannot request packet info for udp socket address :: port 464 A workaround seems to be to make both of these services depend on "network-online.target", e.g.: ~% cat /etc/systemd/system/krb5-kdc.service .include /lib/systemd/system/krb5-kdc.service [Unit] After=network-online.target Wants=network-online.target ~% FWIW, the system exhibiting the bug uses systemd-networkd for managing the (wired-only) network. Without this workaround, restarting the services after the system has come up also results in them being operational. Doing neither of these results (reliably, it seems) in running, but broken Kerberos services, as the daemons do not listen for IPv6 packets. >From a quick glance at the Kerberos source code, the code getting the error is in src/lib/apputils/net-server.c, function set_pktinfo(), which attempts a setsockopt() using the IPV6_RECVPKTINFO option, presumably on a socket bound to the wildcard address. For some reason it seems this fails when attempted (early) during boot. I am not sure whether this is actually a bug in the service files of krb5 (missing dependencies?), in the krb5 source code (maybe the code should ideally react to some netlink event indicating that global IPv6 addresses become available?), or the kernel (why can that setsockopt() call for the wildcard address fail at all?). I'm thus reporting the issue for the krb5 source package, since it is obviously that code that experiences the immediate problem. -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (850, 'testing'), (800, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.5.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
