There's two different but very related issues regarding the snapified packages.
The kerberos is one, but the other one is the issue of snap packages not using the system certificate store, preventing secure use of organizational CAs. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1849346 Title: [snap] kerberos GSSAPI no longer works after deb->snap transition Status in Mozilla Firefox: New Status in snapd: New Status in chromium-browser package in Ubuntu: In Progress Status in firefox package in Ubuntu: In Progress Bug description: Workaround ---------- Execute echo 'default_ccache_name = FILE:/home/%{username}/krb5cc' >> /etc/krb5.conf so that the Kerberos credentials are stored in a file path a snapped application can read. Acknowledgement: For many that can't work for {different reasons}, as stated in multiple comments below. Nonetheless it is worth a mention. Original report --------------- I configure AuthServerWhitelist as documented: https://www.chromium.org/developers/design-documents/http- authentication and can see my whitelisted domains in chrome://policy/ but websites that used to work with SPNEGO/GSSAPI/kerberos no longer work. I'm guessing the snap needs some sort of permission to use the kerberos ticket cache (or the plumbing to do so doesn't exist...). I can confirm that Chrome has the desired behavior. To manage notifications about this bug go to: https://bugs.launchpad.net/firefox/+bug/1849346/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
