> Why have krb5 ignore if it can't access the folder? > That seems like it could cause unintended consequences for people using SSSD > for AD join.
The system's Kerberos is not being patched, but Kerberos that goes inside the snap and therefore only affects the snap, not the system. > Isn't the proper solution to have Snap mount in the appropriate folders > for Kerberos to function? Yes, but it is much more involved. I won't go into that unless the alternative proves insufficient. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2122317 Title: Unreadable includedir /var/lib/sss/pubconf/krb5.include.d/ causes Kerberos authentication failure To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2122317/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
