#7032 Httpd log: Failed to set perm on ccache
Opened 6 years ago by mbasti. Modified 3 years ago

The following warning is occurring in the httpd log:
[client 10.34.78.126:38324] failed to set perms (3140) on file (/var/run/ipa/ccaches/admin@EXAMPLE.TEST)!, referer: https://ipa.example.test/ipa/xml

SELinux is in permissive mode.


Wild guess: Isn't it possible that it's caused by the line
GssapiDelegCcachePerms mode:0660 gid:ipaapi
in /etc/httpd/conf.d/ipa.conf?

Guys, we went through this a month ago. We cannot change the GssapiDelegCcachePerms line because it will make mod_auth_gssapi + gss-proxy fail. Please ignore this message in the logs.

Sure, and this is why mod_auth_gssapi changed this to a warning instead of an error. I don't think we should spend more time on it.

Metadata Update from @pvoborni:
- Issue close_status updated to: wontfix
- Issue status updated to: Closed (was: Open)

6 years ago

Metadata Update from @cheimes:
- Issue priority set to: important
- Issue set to the milestone: FreeIPA 4.6
- Issue status updated to: Open (was: Closed)

6 years ago

Latest nightly builds are still affected:

[Mon Dec 11 15:41:04.603574 2017] [:error] [pid 20798:tid 140625743668992] [client 192.168.183.101:52624] failed to set perms (3140) on file (/var/run/ipa/ccaches/admin@IPA.TEST)!, referer: https://master.ipa.test/ipa/xml

Aleksei Slaikovskii and I were able to reproduce the issue with FreeIPA master (mod_auth_gssapi-1.5.1-6.fc27.x86_64) on Fedora 27 and FreeIPA 4.5 (mod_auth_gssapi-1.5.1-5.el7.x86_64) on RHEL. The Apache error log is spammed with warnings, literally every second line.

A default installation of FreeIPA with our default Apache log level must not write the message into Apache HTTP's error log.

Metadata Update from @cheimes:
- Issue set to the milestone: FreeIPA 4.5 (was: FreeIPA 4.6)

6 years ago

I have updated (bodhi) the f27 builds to include the fix (mod_auth_gssapi-1.6.0-1). For RHEL builds, please file a Bugzilla if you need something addressed.

Metadata Update from @pvoborni:
- Issue set to the milestone: FreeIPA 4.5.5 (was: FreeIPA 4.5)

5 years ago

This is still occurring in F28:

[Thu Feb 14 14:57:13.418342 2019] [:warn] [pid 3436:tid 140690445039360] [client 192.168.166.78:40684] failed to set perms (3140) on file (/run/ipa/ccaches/admin@EXAMPLE.TEST)!, referer: https://ipa.example.test/ipa/xml

rpm -q mod_auth_gssapi

mod_auth_gssapi-1.6.0-1.fc28.x86_64

Still seeing this in Fedora 33:

rpm -q mod_auth_gssapi
mod_auth_gssapi-1.6.3-1.fc33.x86_64

Failed to set perms (3140) on file (/run/ipa/ccaches/admin@OURDOMAIN.EDU)!, referer: https://oudomain.edu/ipa/xml
