I agree with Sam and Andreas, we should not change the krb5kdc systemd
unit file because of freeipa. I am assigning this bug back to freeipa.
** Package changed: krb5 (Ubuntu) => freeipa (Ubuntu)
** Changed in: freeipa (Ubuntu)
Status: New => Triaged
** Changed in: freeipa (Ubuntu)
In general I tend to agree with Sam. A config was changed (kdc logging
to a file in /var/log/), and for it to work fully another config needs
to be changed (systemd). FreeIPA (who made the first change) can easily
create a systemd override for this.
That being said, it's not super unreasonable
In general I tend to agree with Sam. A config was changed (kdc logging
to a file in /var/log/), and for it to work fully another config needs
to be changed (systemd). FreeIPA (who made the first change) can easily
create a systemd override for this.
That being said, it's not super unreasonable
I'm going to push back on the reassignment to krb5.
I think this is a freeipa bug.
Kerberos's systemd service unit is correct for Kerberos.
freeipa is the one that is deciding it wants to change the Kerberos
logging configuration, and thus is the one that should adjust the
permissions.
Honestly
** Package changed: freeipa (Ubuntu) => krb5 (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1874915
Title:
krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only
file