Thomas Schweikle <1852...@bugs.launchpad.net> writes:
> Simple solution: pam_krb5 just only authenticates and some other
> pam_krb5 module has to address the persistent keyring problem as soon as
> pam switches UID space to this authenticated user.
This would break other software that only calls
On Wed, Nov 13, 2019 at 10:50 PM Russ Allbery wrote:
> Thomas Schweikle <1852...@bugs.launchpad.net> writes:
>
> > default libpam-krb5-config does not request tgt for local users if
> > kerberos is available. But it should if a remote user matches the local
> > one.
>
> > auth [success=3 default
