Bug 977972
Summary: | kinit: Credential cache directory /run/user/0/krb5cc does not exist while getting default ccache | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Dean Hunter <deanhunter> |
Component: | freeipa | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 19 | CC: | abokovoy, mkosek, rcritten, ssorce |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-06-26 06:48:35 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 961235, 985016 | ||
Bug Blocks: |
Description
Dean Hunter
2013-06-25 17:14:15 UTC
Hello Dean, this really is not FreeIPA bug, so I plan to close it as duplicate to Bug 961235. But speaking of workaround, I think you can for example update your ~/.bashrc or alternative and override system KRB5CCNAME to make it point to some directory that indeed exists, e.g.: export KRB5CCNAME=/tmp/krb5cc_$(id -u) Note this workaround is only temporary and will disallow you to use benefits coming from http://fedoraproject.org/wiki/Features/KRB5CacheMove. A real solution needs to come from the aforementioned Bug 961235. Yes, I know it is not a FreeIPA bug, but I need to know how y'all work-around it, whether there are particular requirements for IPA or who knows what. The wiki article says that the KRB5 Cache Move feature is complete. This seems to be confirmed by the behavior I experienced, except they did not cover the su/sudo use cases which is what bug #961235 seems to be about. Since you seem to be speaking somewhat tentatively, I am guessing that you have not personally experienced this problem? I am not sure how others work around it, you can write to freeipa-devel mailing list, you may get answers or hints from more developers than just from me. But the temporary workaround I proposed above should work until bug #961235 is fixed. Closing this Bugzilla as duplicate to Bug 961235. *** This bug has been marked as a duplicate of bug 961235 *** This seems to work: if [ ! -d /run/user/0/krb5cc ] # RedHat bug 977972 then # RedHat bug 977972 mkdir -p /run/user/0/krb5cc # RedHat bug 977972 chmod -R 700 /run/user/0 # RedHat bug 977972 fi # RedHat bug 977972 kinit admin .... |