/etc/krb5.conf.d/ was in fact missing from the client, which is still on
CentOS 7.2 for reasons out of our control.
Other hosts that are CentOS 7.2 running IPA Client 4.2.0 also do not have the
/etc/krb5.conf.d/ directory, but are running fine. So maybe the 4.4 client
requires that dir but is not making it on upgrade and the cause of the failure?
> On Jan 3, 2017, at 1:25 PM, Rob Crittenden <rcrit...@redhat.com> wrote:
> Alan Latteri wrote:
>> Log is attached.
> Look and see if /etc/krb5.conf.d/ and
> /var/lib/sss/pubconf/krb5.include.d exist and are readable (and check
> for SELinux AVCs). I'm pretty sure this all runs as root so I doubt
> filesystem perms are an issue but who knows.
> You can also brute force things using strace -f to find out exactly what
> can't be read.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project