[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: Intermittent failures of mod_krb5
From: Arran Cudbard-Bell <a.cudbardb () freeradius ! org>
Date: 2018-02-25 15:33:30
Message-ID: E9121ACA-E32D-4E7E-9E03-EEB14B546D90 () freeradius ! org
[Download RAW message or body]
> [mods-available/krb5]
> krb5 {
> keytab = /etc/krb5.keytab
> service_principal = 'host/ix-radius1.ad.example.net' # different for each radius \
> server pool { ... everything as defaults ... }
> }
>
> I wonder if there is some sort of leak and I should set "uses" or "lifetime" to \
> limit how long each krb5 instance is used for?
Go for it. I'm not sure that kerberos handles are actually bound to connections \
though i.e. destroying a handle might not actually do anything helpful if libkerberos \
does its own connection management.
-Arran
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic