Description of problem: There is a know issue with krb5 and inclusion of nonexistent files BZ1274424. There is a workaround in fedora 23+ for issue with crypto-policies. However the solution is not sufficient. Because old version of crypto-policies does not contain such file and therefore link can be broken. And it's hard to explain someone that it's not enough to upgrade krb5-* to the latest version for fixing issues caused by broken symbolic link. Therefore there shoudl be stricter requires on crypto-policies. Version-Release number of selected component (if applicable): sh$ rpm -qf /etc/krb5.conf.d/crypto-policies krb5-libs-1.14-7.fc23.x86_64 How reproducible: Deterministic Actual results: The latest krb5-libs can be installed with old version of crypto-policies sh$ rpm -q krb5-libs crypto-policies krb5-libs-1.14-4.fc23.x86_64 crypto-policies-20150518-3.gitffe885e.fc23.noarch sh$ file /etc/krb5.conf.d/crypto-policies /etc/krb5.conf.d/crypto-policies: broken symbolic link to /etc/crypto-policies/back-ends/krb5.config Expected results: krb5-libs has strict requires for crypto-policies which contains file /etc/crypto-policies/back-ends/krb5.config and therefore update of krb5-libs will require update of crypto-policies as well and will prevent issues with broken symbolic link. Additional info: You might use Requires: crypto-policies >= 20151104-1 or Requires: /etc/crypto-policies/back-ends/krb5.config sh$ rpm -q --whatprovides /etc/crypto-policies/back-ends/krb5.config crypto-policies-20151104-1.gitf1cba5f.fc23.noarch
krb5-1.14-8.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8be51f14b
Fixed in rawhide as well.
krb5-1.14-8.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8be51f14b
krb5-1.14-8.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.