To recap, this bug was about necessary iptables / firewall changes to
allow password changes via the kpasswd protocol. You were seeing the
error message:
May 25 10:36:35 kdc1 kadmind[1385]: chpw: Couldn't connect to client: No such
process
from kadmind when the client tried to change their password via the UDP
password change protocol.
Russ Allbery <r...@debian.org> writes:
> Hm, thanks. I'll try to reproduce this. The error message that you're
> getting is extremely odd, since it's coming from this code:
>
> if (connect(s2, (struct sockaddr *) &from, sizeof(from)) < 0) {
> krb5_klog_syslog(LOG_ERR, "chpw: Couldn't connect to client: %s",
> krb5_get_error_message (context, errno));
> goto cleanup;
> }
>
> The man page for connect doesn't document any circumstance under which
> it would return ESRCH, so I'm not sure how to explain this. The error
> you're getting is from attempting to do the connect on the UDP socket,
> not from actually sending the packet.
I've not been able to reproduce this problem. I'm not sure what to report
upstream about this, if anything.
Are you still having this problem? If so, what iptables rules are you
applying on the KDC? I'd like to try putting the same rules on a test KDC
and see if I can recreate the problem.
--
Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
