I've setup FreeIPA for the first time and am using it successfully with
Linux and Solaris 10 clients. On 8 separate Solaris 9 clients I'm running
into an issue where 'kinit USER', for any user, fails with a segmentation
fault after prompting for a password. On the client side there are no log
entries. On the server side the "Additional pre-authentication required"
entry is written to the log. When I execute 'kinit -k' everything works
normally. I've verified that the keytabs for the Solaris 9 clients use only
des-cbc-crc encryption and that allow_weak_crypto = true is set on the
server side. Running 'truss kinit USER' on the Solaris 9 clients end with:
Incurred fault #6, FLTBOUNDS  %pc = 0xFF3582E4
  siginfo: SIGSEGV SEGV_MAPERR addr=0x00000004
Received signal #11, SIGSEGV (default)
  siginfo: SIGSEGV SEGV_MAPERR addr=0x00000004

I've been fighting this for a while and have ensured that my Solaris 9
boxes are running the latest patches. Kerberos on the clients is the
standard one that comes with Solaris. I've installed no additional kerberos
components or packages.

I'm hoping someone has seen this before or can point me in a new direction.
At this point I've pretty much reached the end of my rope and am looking at
using local passwords (blech!) on my Solaris 9 clients.

Thanks in advance,
Freeipa-users mailing list

Reply via email to