Bug 1371814

Summary:	[RFE]: Include the /var/lib/sss/pubconf/krb5.include.d directory
Product:	Red Hat Enterprise Linux 7	Reporter:	Jakub Hrozek <jhrozek>
Component:	realmd	Assignee:	Sumit Bose <sbose>
Status:	CLOSED DUPLICATE	QA Contact:	BaseOS QE Security Team <qe-baseos-security>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	7.3	CC:	lslebodn, pkis
Target Milestone:	rc	Keywords:	FutureFeature
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2016-08-31 11:48:13 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:

Description Jakub Hrozek 2016-08-31 07:58:14 UTC

Description of problem:
SSSD ships with localauth plugin that is enabled via a snippet in 
/var/lib/sss/pubconf/krb5.include.d but looks like we don't include the directory when the computer is joined to an AD domain with realmd. IPA clients do include the directory

Version-Release number of selected component (if applicable):
latest

How reproducible:
always

Steps to Reproduce:
1. realm join
2. cat /etc/krb5.conf
3. 

Actual results:
no includedir /var/lib/sss/pubconf/krb5.include.d

Expected results:
includedir /var/lib/sss/pubconf/krb5.include.d

Additional info:
On IRC, Sumit suggested that the includedir for /var/lib/sss/pubconf/krb5.include.d must come before /etc/krb5.conf.d so that admin can override sssd configuration by dropping files into /etc/krb5.conf.d.

Comment 2 Jakub Hrozek 2016-08-31 11:48:13 UTC

Justin made me aware of bug #1207552 which I didn't know about. I'll close this bug as a duplicate of #1207552

*** This bug has been marked as a duplicate of bug 1207552 ***