On Tue, Jun 4, 2019 at 1:25 AM Winberg Adam <adam.winb...@smhi.se> wrote:
> Sounds like the same issue I had, i created a bugzilla ticket for it: > https://bugzilla.redhat.com/show_bug.cgi?id=1712875 Thanks; I piled on. > For us KCM does not bring anything extra to the table as it does not > manage ticket renewals yet, so we switched back to kernel keyring > for kerberos tickets. Sites who use Kerberos authentication to access both Windows SMB shares and NFS mounts care about this, because KCM avoids the problem of cifs.upcall creating root's kernel persistent keyring with the wrong SELinux context and thus breaking rpc.gssd's ability to subsequently access the credential cache. _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org