Description of problem: We have few unit tests in sssd related to krb5 behaviour and they are failing with the latest release. e.g. test_copy_ccache (gdb) bt #0 setup_ccache (state=0x60be00) at /home/build/sssd/src/tests/cmocka/test_copy_ccache.c:64 #1 0x00007ffff79d0712 in cmocka_run_one_test_or_fixture () from /lib64/libcmocka.so.0 #2 0x00007ffff79d0d5e in _cmocka_run_group_tests () from /lib64/libcmocka.so.0 #3 0x0000000000402df4 in main (argc=1, argv=<optimized out>) at /home/build/sssd/src/tests/cmocka/test_copy_ccache.c:237 (gdb) l 64 59 60 test_ctx = talloc_zero(global_talloc_context, struct ccache_test_ctx); 61 assert_non_null(test_ctx); 62 63 kerr = krb5_init_context(&test_ctx->kctx); 64 assert_int_equal(kerr, 0); 65 66 addr.magic = KV5M_ADDRESS; 67 addr.addrtype = ADDRTYPE_INET; 68 addr.length = 4; (gdb) p kerr $3 = -1429577697 Version-Release number of selected component (if applicable): $ rpm -qa | grep krb5- krb5-devel-1.14-3.fc24.x86_64 krb5-libs-1.14-3.fc24.x86_64 How reproducible: deterministic Steps to Reproduce: 1. try to initialize krb5 contest with function rkrb5_init_context() Actual results: return code -1429577697 Expected results: return code 0 Additional info: It is caused by broken symbolic link provided by krb5-libs [build@host ~]$ file /etc/krb5.conf.d/crypto-policies /etc/krb5.conf.d/crypto-policies: broken symbolic link to /etc/crypto-policies/back-ends/krb5.conf [build@host ~]$ rpm -qf /etc/krb5.conf.d/crypto-policies krb5-libs-1.14-3.fc24.x86_64 BTW. The symbolic link refers to file(/etc/crypto-policies/back-ends/krb5.conf) which is not provided by any package. [root@host build]# dnf provides */back-ends/krb5.conf Fedora - Rawhide - Developmental packages for the next Fedora release 50 MB/s | 44 MB 00:00 Last metadata expiration check performed 0:00:25 ago on Thu Oct 22 06:00:45 2015. Error: No Matches found [build@733d9bcc150c ~]$ rpm -q crypto-policies crypto-policies-20151005-1.gitc8452f8.fc24.noarch [build@733d9bcc150c ~]$ rpm -ql crypto-policies | grep krb IMHO, if crypto policies want to ship krb5 configuration snippet then it can store it directly in /etc/krb5.conf.d/. But krb5-libs
Nikos, this is the symlink you mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1225792 ; what am I missing here?
Hi, The file is autogenerated and thus not owned, and its location is: /etc/crypto-policies/back-ends/krb5.config (there is a typo in the symlink which uses .conf)
That PROF_FAIL_INCLUDE_FILE error suggests that the library wasn't able to open an "include"d file.
Thanks Nikos, I'll have this fixed presently.
krb5-1.14-4.fc24 Thanks for your patience
Thank you very much for fast workaround in rawhide. However the same problem can occur in future. [user@host][~]$ls -l /etc/krb5.conf.d/ total 0 lrwxrwxrwx. 1 root root 13 Oct 23 08:11 asdasdasdasd -> /asdasdasdasd [user@host][~]$klist klist: Included profile file could not be read while initializing krb5 I'm able to reproduce it also on fedora 23 and the same bug can be also in older versions of fedora.
For solving profile issue Robbie created a separate bug #1274424.
(In reply to Alexander Bokovoy from comment #7) > For solving profile issue Robbie created a separate bug #1274424. OK