Am 12/01/2026 um 19:15 schrieb [email protected]: > Hey Nathan, > > /var/lib/sss/pubconf/krb5.include.d/ is empty on my computer. Do you know > what generates files in there? If configuring AD join via SSSD puts files in > there, it'd be good to check what those files contain just in case there's > another include. (supposedly it happens when SSSD is used for domain join. > but I haven't been able to confirm)
I don't. I looked in the whole source code and couldn't find logic writing to that file, only testing it. I traced this back upstream to ---> commit 2a3035d30adf81cee05add8f6142f1d85d553909 Author: Iker Pedrosa <[email protected]> Date: Mon Nov 29 16:16:36 2021 +0100 contrib: sssd krb5 configuration snippet Add a configuration snippet for krb5 that points to the folder where the sssd configuration for this service is located. This will enable passwordless (GSSAPI) ssh to work without any sssd configuration change. Resolves: https://github.com/SSSD/sssd/issues/5893 Signed-off-by: Iker Pedrosa <[email protected]> Reviewed-by: Tomáš Halman <[email protected]> <--- which again, although originates the includedir directive to /var/lib/sss/pubconf/krb5.include.d/, writes nothing to it. Looking at the issue it is supposed to resolve, https://github.com/SSSD/sssd/issues/5893, I guess some files in that directory would be provided by RHEL installations. > Re: (2) - Any theories on why we had to enable the plug? > In LP:1849346 you mentioned: "I removed the plug from the snaps because > LP:2123820 makes it impractical, so for the end-user this solution is not yet > available until that bug is fixed." But LP:2123820 shows as "Fix Released" The plug is necessary to expose the ticket files inside the snap sandbox. The citation you provided is from comment #110; In comment #113 I say I'm bringing the slots back after a blocker was resolved. It was possibly confusing because I wrote "slot" in #113 instead of "plug". I corrected that now. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2122317 Title: Unreadable includedir /var/lib/sss/pubconf/krb5.include.d/ causes Kerberos authentication failure To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2122317/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
