8e5bd0b krb5: show error message for krb5_init_context() failures

6 files Authored by sbose 2 years ago , Committed by lslebodn 2 years ago ,
    krb5: show error message for krb5_init_context() failures
    
    If there are typos in /etc/krb5.conf (or one of the included config
    snippets) krb5_init_context(), the initial call always needed to do any
    other operation with libkrb5, fails because /etc/krb5.conf cannot be
    parsed.
    
    Currently the related debug/syslog messages might be misleading, e.g.
    failed to read keytab. This is because SSSD does not use a global krb5
    context but creates a fresh one for every new request or operation (to
    always use the latest settings from /etc/krb5.conf) and typically there
    is an error message indicating that the related operation failed but not
    giving more details.
    
    Since krb5_init_context() is fundamental for Kerberos support this patch
    tries to add as much details as libkrb5 provides in the logs if the call
    fails.
    
    Resolves:
    https://pagure.io/SSSD/sssd/issue/3586
    
    Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
    Reviewed-by: Robbie Harwood <rharwood@redhat.com>
    (cherry picked from commit 2c10819750a8d920ab755eba1278e6e20e684e93)
    (cherry picked from commit dbe54141c36006809cc5fcf9ad729405c0a9292c)
    
        
file modified
+22 -3
file modified
+3 -0