On Apr 4, 2021, at 14:08, Gordon Messmer <gordon.mess...@gmail.com> wrote: >> $ cat /etc/krb5.conf >> [libdefaults] >> default_ccache_name = KEYRING:persistent:%{uid} > > Specifically, I thought that sssd defaults to KCM storage for kerberos > credentials, not the kernel keyring. You might be seeing an SELinux > deny due to non-default ccache storage.
Only if sssd-kcm is installed. Otherwise the keyring is default. I normally use the keyring on my systems. No selinux issues there. -- Jonathan Billings _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos