#3586 Give a more detailed debug and system-log message if krb5_init_context() failed
Closed: Fixed 2 years ago Opened 2 years ago by sbose.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1516266

If there are typos in /etc/krb5.conf (or one of the included config snippets) krb5_init_context(), the initial call always needed to do any other operation with libkrb5, fails because /etc/krb5.conf cannot be parsed.

Currently the related debug/syslog messages might be misleading, e.g. failed to read keytab. This is because SSSD does not use a global krb5 context but creates a fresh one for every new request or operation (to always use the latest settings from /etc/krb5.conf) and typically there is an error message indicating that the related operation failed but not giving more details.

Since krb5_init_context() is fundamental for Kerberos support SSSD should try to add as much details as libkrb5 provides in the logs if the call fails.


Metadata Update from @sbose:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1516266

2 years ago

Metadata Update from @sbose:
- Issue set to the milestone: None

2 years ago

Metadata Update from @sbose:
- Issue assigned to sbose

2 years ago

Metadata Update from @sbose:
- Custom field patch adjusted to on

2 years ago

Metadata Update from @lslebodn:
- Issue close_status updated to: Fixed
- Issue set to the milestone: SSSD 1.16.1

2 years ago

Login to comment on this ticket.

Metadata