kdcmond
-- KDC monitoring daemon -- Open Directory Single Sign On
kdcmond [-n] [-s] [-d] [-v debug_level] [-c path]
launches, monitors, and relaunches the Kerberos
KDC ( krb5kdc ) process, registers the KDC over Rendezvous using the following DNS records:
TXT 7200 _kerberos.hostname.
SRV 7200 _kerberos._udp.REALM.
SRV 7200 _kerberos._tcp.REALM.
When the network state changes kdcmond
sends SIGUSER1
to the krb5kdc
process to
notify the KDC to re‑initlaize its network listeners.
OPTIONS
-n | prevents kdcmond from daemonizing
| ||||
-d | prevents kdcmond from registering the KDC over Rendezvous
| ||||
-c path |
FILES
/var/db/krb5kdc/kdc.conf
The realm name and port numbers are read from this file
## This file autogenerated by KDCSetup from (null) ## [libdefaults] default_realm = LKDC:SHA1.3F9152BE36C6615279B305891FC4011BD481CA63 [kdcdefaults] kdc_ports = 88 kdc_tcp_ports = 88 [realms] LKDC:SHA1.3F9152BE36C6615279B305891FC4011BD481CA63 = { kadmind_port = 749 max_life = 10h 0m 0s max_renewable_life = 7d 0h 0m 0s master_key_type = des3-hmac-sha1 supported_enctypes = des3-hmac-sha1:normal arcfour-hmac-md5:normal des-cbc-crc:normal des-cbc-crc:v4 acl_file = /var/db/krb5kdc/kadm5.acl admin_keytab = /var/db/krb5kdc/kadm5.keytab database_name = /var/db/krb5kdc/principal.LKDC:SHA1.3F9152BE36C6615279B305891FC4011BD481CA63 key_stash_file = /var/db/krb5kdc/.k5.LKDC:SHA1.3F9152BE36C6615279B305891FC4011BD481CA63 } [logging] kdc = FILE:/var/log/krb5kdc/kdc.log
Jan 26 16:08:59 smacker.local krb5kdc[81](info): setting up network... Jan 26 16:09:00 smacker.local krb5kdc[81](info): listening on fd 9: udp fe80::1%lo0.88 krb5kdc: setsockopt(IPV6_V6ONLY,1) worked Jan 26 16:09:00 smacker.local krb5kdc[81](info): listening on fd 11: tcp 0.0.0.0.88 Jan 26 16:09:00 smacker.local krb5kdc[81](info): listening on fd 10: tcp ::.88 Jan 26 16:09:00 smacker.local krb5kdc[81](info): set up 3 sockets Jan 26 16:09:00 smacker.local krb5kdc[81](info): commencing operation krb5kdc: Interrupted system call - while selecting for network input(1) krb5kdc: Interrupted system call - signal_requests_network recieved Jan 26 20:09:14 smacker.local krb5kdc[81](info): setting up network... Jan 26 20:09:14 smacker.local krb5kdc[81](info): listening on fd 9: udp fe80::1%lo0.88 Jan 26 20:09:14 smacker.local krb5kdc[81](info): listening on fd 10: udp fe80::219:e3ff:fe32:f8c%en1.88 Jan 26 20:09:14 smacker.local krb5kdc[81](info): listening on fd 11: udp 192.168.1.12.88 Jan 26 20:09:14 smacker.local krb5kdc[81](info): skipping unrecognized local address family 16 krb5kdc: setsockopt(IPV6_V6ONLY,1) worked Jan 26 20:09:14 smacker.local krb5kdc[81](info): listening on fd 13: tcp 0.0.0.0.88 Jan 26 20:09:14 smacker.local krb5kdc[81](info): listening on fd 12: tcp ::.88 Jan 26 20:09:14 smacker.local krb5kdc[81](info): set up 5 sockets
admin_server = FILE:/var/log/krb5kdc/kadmin.log
Jan 05 15:16:49 smacker.local kadmin.local[23648](info): No dictionary file specified, continuing without one.
Debug level 1 provides status information, higher levels add progressivly more levels of detail.
SEE
configd(8), kerberos(1), kerberosautoconfig(8), kdcsetup(8), krbservicesetup(8), krb5kdc(8),
sso_util(8)
January 26, 2008 Darwin
kdcmond(8) BSD System Manager's Manual