Red Hat Bugzilla – Bug 1274150
krb5_init_context failed with -1429577697
Last modified: 2015-10-23 03:56:30 EDT
Description of problem:
We have few unit tests in sssd related to krb5 behaviour and they are failing with the latest release.
#0 setup_ccache (state=0x60be00) at /home/build/sssd/src/tests/cmocka/test_copy_ccache.c:64
#1 0x00007ffff79d0712 in cmocka_run_one_test_or_fixture () from /lib64/libcmocka.so.0
#2 0x00007ffff79d0d5e in _cmocka_run_group_tests () from /lib64/libcmocka.so.0
#3 0x0000000000402df4 in main (argc=1, argv=<optimized out>) at /home/build/sssd/src/tests/cmocka/test_copy_ccache.c:237
(gdb) l 64
60 test_ctx = talloc_zero(global_talloc_context, struct ccache_test_ctx);
63 kerr = krb5_init_context(&test_ctx->kctx);
64 assert_int_equal(kerr, 0);
66 addr.magic = KV5M_ADDRESS;
67 addr.addrtype = ADDRTYPE_INET;
68 addr.length = 4;
(gdb) p kerr
$3 = -1429577697
Version-Release number of selected component (if applicable):
$ rpm -qa | grep krb5-
Steps to Reproduce:
1. try to initialize krb5 contest with function rkrb5_init_context()
return code -1429577697
return code 0
It is caused by broken symbolic link provided by krb5-libs
[build@host ~]$ file /etc/krb5.conf.d/crypto-policies
/etc/krb5.conf.d/crypto-policies: broken symbolic link to /etc/crypto-policies/back-ends/krb5.conf
[build@host ~]$ rpm -qf /etc/krb5.conf.d/crypto-policies
BTW. The symbolic link refers to file(/etc/crypto-policies/back-ends/krb5.conf) which is not provided by any package.
[root@host build]# dnf provides */back-ends/krb5.conf
Fedora - Rawhide - Developmental packages for the next Fedora release 50 MB/s | 44 MB 00:00
Last metadata expiration check performed 0:00:25 ago on Thu Oct 22 06:00:45 2015.
Error: No Matches found
[build@733d9bcc150c ~]$ rpm -q crypto-policies
[build@733d9bcc150c ~]$ rpm -ql crypto-policies | grep krb
IMHO, if crypto policies want to ship krb5 configuration snippet then it can
store it directly in /etc/krb5.conf.d/. But krb5-libs
Nikos, this is the symlink you mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1225792 ; what am I missing here?
The file is autogenerated and thus not owned, and its location is:
(there is a typo in the symlink which uses .conf)
That PROF_FAIL_INCLUDE_FILE error suggests that the library wasn't able to open an "include"d file.
Thanks Nikos, I'll have this fixed presently.
Thanks for your patience
Thank you very much for fast workaround in rawhide.
However the same problem can occur in future.
[user@host][~]$ls -l /etc/krb5.conf.d/
lrwxrwxrwx. 1 root root 13 Oct 23 08:11 asdasdasdasd -> /asdasdasdasd
klist: Included profile file could not be read while initializing krb5
I'm able to reproduce it also on fedora 23 and the same bug can be also in older versions of fedora.
For solving profile issue Robbie created a separate bug #1274424.
(In reply to Alexander Bokovoy from comment #7)
> For solving profile issue Robbie created a separate bug #1274424.