rsyslog is not able to request host TGT kerberos ticket on RHEL6
Issue
If the system does not have a valid TGT and/or host ticket on the client or server, rsyslog does not correctly contact the kdc to refresh the tickets (/var/log/krb5kdc.log)
krb5kdc[2116](info): TGS_REQ (4 etypes {18 17 16 23}) 192.168.1.3: PROCESS_TGS: authtime 0, <unknown client> for <unknown server>, Ticket expired.
The administrator has to run kinit -k
manually on the client and/or server to refresh the TGT.
Environment
Red Hat Enterprise Linux 6.3
ipa-server-2.2.0-16.el6.x86_64
krb5-server-1.9-33.el6.x86_64
rsyslog-5.8.10-2.el6.x86_64
rsyslog-gssapi-5.8.10-2.el6.x86_64
krb5-workstation-1.9-33.el6.x86_64
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.