Public bug reported: In an environment where /etc/krb5.conf sets "default_ccache_name = FILE:/tmp/krb5cc_%{uid}" and you don't have the KRB5CCNAME variable set, running "adsysctl update" with a AD domain user will fail.
If you either export the variable with the path to the kerberos ticket OR run the command "adsysctl update <user@domain> <path_to_kerberos_ticket>" it works. The adsysctl command should fallback to the default location when KRB5CCNAME is not defined or have a mechanism to query klist and find the Kerberos tickets location. Given that adsys can't find Kerberos tickets when `klist` does. It seems like a feature parity issue, granted, an edge case. Here is an example of a reproducer: https://pastebin.ubuntu.com/p/FjyTWQChjM/ ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: adsys 0.9.2~22.04.2 ProcVersionSignature: Ubuntu 6.2.0-1014.14~22.04.1-aws 6.2.16 Uname: Linux 6.2.0-1014-aws x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CloudArchitecture: x86_64 CloudID: aws CloudName: aws CloudPlatform: ec2 CloudRegion: us-west-2 CloudSubPlatform: metadata (http://169.254.169.254) CurrentDesktop: ubuntu:GNOME Date: Thu Jan 11 11:39:06 2024 Ec2AMI: ami-00094f7041bb1b79d Ec2AMIManifest: (unknown) Ec2Architecture: x86_64 Ec2AvailabilityZone: us-west-2b Ec2Imageid: ami-00094f7041bb1b79d Ec2InstanceType: t3.large Ec2Instancetype: t3.large Ec2Kernel: unavailable Ec2Ramdisk: unavailable Ec2Region: us-west-2 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) LANG=en_US.utf8 SHELL=/bin/bash RebootRequiredPkgs: Error: path contained symlinks. RelatedPackageVersions: sssd 2.6.3-1ubuntu3.2 python3-samba 2:4.15.13+dfsg-0ubuntu1.5 SourcePackage: adsys UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf: [deleted] modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: [deleted] ** Affects: adsys (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug ec2-images jammy -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/2049061 Title: adsysctl update with a domain user fails if KRB5CCNAME is not set Status in adsys package in Ubuntu: New Bug description: In an environment where /etc/krb5.conf sets "default_ccache_name = FILE:/tmp/krb5cc_%{uid}" and you don't have the KRB5CCNAME variable set, running "adsysctl update" with a AD domain user will fail. If you either export the variable with the path to the kerberos ticket OR run the command "adsysctl update <user@domain> <path_to_kerberos_ticket>" it works. The adsysctl command should fallback to the default location when KRB5CCNAME is not defined or have a mechanism to query klist and find the Kerberos tickets location. Given that adsys can't find Kerberos tickets when `klist` does. It seems like a feature parity issue, granted, an edge case. Here is an example of a reproducer: https://pastebin.ubuntu.com/p/FjyTWQChjM/ ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: adsys 0.9.2~22.04.2 ProcVersionSignature: Ubuntu 6.2.0-1014.14~22.04.1-aws 6.2.16 Uname: Linux 6.2.0-1014-aws x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CloudArchitecture: x86_64 CloudID: aws CloudName: aws CloudPlatform: ec2 CloudRegion: us-west-2 CloudSubPlatform: metadata (http://169.254.169.254) CurrentDesktop: ubuntu:GNOME Date: Thu Jan 11 11:39:06 2024 Ec2AMI: ami-00094f7041bb1b79d Ec2AMIManifest: (unknown) Ec2Architecture: x86_64 Ec2AvailabilityZone: us-west-2b Ec2Imageid: ami-00094f7041bb1b79d Ec2InstanceType: t3.large Ec2Instancetype: t3.large Ec2Kernel: unavailable Ec2Ramdisk: unavailable Ec2Region: us-west-2 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) LANG=en_US.utf8 SHELL=/bin/bash RebootRequiredPkgs: Error: path contained symlinks. RelatedPackageVersions: sssd 2.6.3-1ubuntu3.2 python3-samba 2:4.15.13+dfsg-0ubuntu1.5 SourcePackage: adsys UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf: [deleted] modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2049061/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp