Public bug reported:
In an environment where /etc/krb5.conf sets "default_ccache_name =
FILE:/tmp/krb5cc_%{uid}" and you don't have the KRB5CCNAME variable set,
running "adsysctl update" with a AD domain user will fail.
If you either export the variable with the path to the kerberos ticket
OR run the command "adsysctl update <user@domain>
<path_to_kerberos_ticket>" it works.
The adsysctl command should fallback to the default location when
KRB5CCNAME is not defined or have a mechanism to query klist and find
the Kerberos tickets location.
Given that adsys can't find Kerberos tickets when `klist` does. It seems
like a feature parity issue, granted, an edge case.
Here is an example of a reproducer:
https://pastebin.ubuntu.com/p/FjyTWQChjM/
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: adsys 0.9.2~22.04.2
ProcVersionSignature: Ubuntu 6.2.0-1014.14~22.04.1-aws 6.2.16
Uname: Linux 6.2.0-1014-aws x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: unknown
CloudArchitecture: x86_64
CloudID: aws
CloudName: aws
CloudPlatform: ec2
CloudRegion: us-west-2
CloudSubPlatform: metadata (http://169.254.169.254)
CurrentDesktop: ubuntu:GNOME
Date: Thu Jan 11 11:39:06 2024
Ec2AMI: ami-00094f7041bb1b79d
Ec2AMIManifest: (unknown)
Ec2Architecture: x86_64
Ec2AvailabilityZone: us-west-2b
Ec2Imageid: ami-00094f7041bb1b79d
Ec2InstanceType: t3.large
Ec2Instancetype: t3.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Ec2Region: us-west-2
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_US.utf8
SHELL=/bin/bash
RebootRequiredPkgs: Error: path contained symlinks.
RelatedPackageVersions:
sssd 2.6.3-1ubuntu3.2
python3-samba 2:4.15.13+dfsg-0ubuntu1.5
SourcePackage: adsys
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf:
[deleted]
modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: [deleted]
** Affects: adsys (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug ec2-images jammy
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to adsys in Ubuntu.
https://bugs.launchpad.net/bugs/2049061
Title:
adsysctl update with a domain user fails if KRB5CCNAME is not set
Status in adsys package in Ubuntu:
New
Bug description:
In an environment where /etc/krb5.conf sets "default_ccache_name =
FILE:/tmp/krb5cc_%{uid}" and you don't have the KRB5CCNAME variable
set, running "adsysctl update" with a AD domain user will fail.
If you either export the variable with the path to the kerberos ticket
OR run the command "adsysctl update <user@domain>
<path_to_kerberos_ticket>" it works.
The adsysctl command should fallback to the default location when
KRB5CCNAME is not defined or have a mechanism to query klist and find
the Kerberos tickets location.
Given that adsys can't find Kerberos tickets when `klist` does. It
seems like a feature parity issue, granted, an edge case.
Here is an example of a reproducer:
https://pastebin.ubuntu.com/p/FjyTWQChjM/
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: adsys 0.9.2~22.04.2
ProcVersionSignature: Ubuntu 6.2.0-1014.14~22.04.1-aws 6.2.16
Uname: Linux 6.2.0-1014-aws x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: unknown
CloudArchitecture: x86_64
CloudID: aws
CloudName: aws
CloudPlatform: ec2
CloudRegion: us-west-2
CloudSubPlatform: metadata (http://169.254.169.254)
CurrentDesktop: ubuntu:GNOME
Date: Thu Jan 11 11:39:06 2024
Ec2AMI: ami-00094f7041bb1b79d
Ec2AMIManifest: (unknown)
Ec2Architecture: x86_64
Ec2AvailabilityZone: us-west-2b
Ec2Imageid: ami-00094f7041bb1b79d
Ec2InstanceType: t3.large
Ec2Instancetype: t3.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Ec2Region: us-west-2
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_US.utf8
SHELL=/bin/bash
RebootRequiredPkgs: Error: path contained symlinks.
RelatedPackageVersions:
sssd 2.6.3-1ubuntu3.2
python3-samba 2:4.15.13+dfsg-0ubuntu1.5
SourcePackage: adsys
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf:
[deleted]
modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: [deleted]
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2049061/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
