Why have krb5 ignore if it can't access the folder? That seems like it could cause unintended consequences for people using SSSD for AD join.
I used `realm join` to join Ubuntu 24.04 LTS to an AD environment and it creates 3 files in there: * domain_realm_REDACTED_com * krb5_libdefaults * localauth_plugin I believe that what I did is similar to what occurs when someone checks "Use Active Directory" during the Ubuntu install process. Isn't the proper solution to have Snap mount in the appropriate folders for Kerberos to function? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2122317 Title: Unreadable includedir /var/lib/sss/pubconf/krb5.include.d/ causes Kerberos authentication failure To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2122317/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
