Description of problem: The krb5-libs package owns the file /etc/krb5.conf. It contains the snippets: [libdefaults] #ticket_lifetime = 24000 <--- authconfig adds this line if run default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = false [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } These are the default entries (other than the REALM name). It appears the intent is to obtain forwardable tickets or maybe not. When obtaining a TGT via pam_krb5, the ticket is forwardable and renewable. When obtaining a ticket via kinit or the gnome-kerberos tool it isn't (unless you manually specify cmd line options). Is this the intended behavior? To make kinit consistent with pam_krb5 then the stock [libdefaults] section should look like: [libdefaults] default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = false renew_lifetime = 36000 forwardable = true
never mind my comment: (other than the REALM name)
Fedora Core 3 is now maintained by the Fedora Legacy project for security updates only. If this problem is a security issue, please reopen and reassign to the Fedora Legacy product. If it is not a security issue and hasn't been resolved in the current FC5 updates or in the FC6 test release, reopen and change the version to match. Thank you!
Fedora Core 3 is not maintained anymore. Setting status to "INSUFFICIENT_DATA". If you can reproduce this bug in the current Fedora release please reopen this bug.