Bug ID 545900: if /etc/krb5.conf file edited manually, automated patching of the configuration file fails

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM, Install/Upgrade(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:
12.1.0

Opened: Sep 15, 2015
Severity: 3-Major

Symptoms

if /etc/krb5.conf edited manually the automated patching for the configuration file may behave wrong. For example, if file is cleaned up OR section [realms] deleted, then automated patching for the file will add realms records with each apd process restart /etc/krb5.conf grows in size with each apd process restart as a result krb5 library takes too long to parse the file and bigip stops processing requests

Impact

users cannot login if /etc/krb5.conf file size increased significantly. library cannot parse the file

Conditions

/etc/krb5.conf file modified manually

Workaround

Restore original default /etc/krb5.conf file. it will be patched properly at next apd process restart

Fix Information

krb5 patching functionality has been fixed.

Behavior Change