Thank you for taking the time to report this issue and help to improve Ubuntu.

I'm closing this bug, because I think it entirely defeats the purpose of Kerberos integration if we bypass Kerberos merely because a local account is present. Network-related login delays are unpleasant, but having to manually request a TGT on every login is far more annoying if you're expecting to have Kerberos integration and just have a local account entry as a fallback when the network is down.

So the current behavior of this profile is precisely the behavior that's intended, and what upstream recommends for the use of pam_krb5. This should not be changed.

See the pam_krb5 manpage for suggestions of various ways to disable the use of pam_krb5 for certain users if that's what you're aiming for.

** Changed in: libpam-krb5 (Ubuntu)
       Status: New => Won't Fix

--
"krb5" pam-auth-update profile priority is greater than "unix" profile
https://bugs.launchpad.net/bugs/369964