This is possibly a duplicate of https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1874915 at least if you are using freeipa. As shipped, krb5-kdc does not log to /var/log, but instead logs to syslog My position is that since krb5's systemd configuration is correct for the shipped configuration, if you reconfigure your krb5-kdc to log somewhere, you should at that point reconfigure the systemd unit to permit writing to that log. I point to the freeipa bug because freeipa reconfigures this for you but does not update the systemd configuration.
** Changed in: krb5 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1885024 Title: systemd patch fixes: krb5kdc.log Read-only file system Status in krb5 package in Ubuntu: Invalid Bug description: Jun 24 11:29:34 registry1 krb5kdc[1244]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system can be fixed by adding ReadWriteDirectories= /var/log to the krb5-kdc.service unit To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1885024/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp