URL:
https://github.com/SSSD/sssd/pull/5766
Title: #5766: Sources cleanup - part 3.
alexey-tikhonov commented:
"""
With `['KRB5_TRACE'] = "/dev/stdout"`:
```
____________________________________________________________ test_krb5_auth
____________________________________________________________
Traceback (most recent call last):
File "/home/talex/sssd/src/tests/intg/test_pam_responder.py", line 768, in
test_krb5_auth
assert err.find(r"pam_authenticate for user [user1]: Success") != -1
AssertionError: assert -1 != -1
+ where -1 = <built-in method find of str object at
0x7f8c77e010f8>('pam_authenticate for user [user1]: Success')
+ where <built-in method find of str object at 0x7f8c77e010f8> = 'Unable to
connect to system bus!\nInfoPipe User lookup with [user1] failed.\nPassword:
pam_authenticate for user [user1]: System error\n\nPAM Environment:\n - no env
-\n'.find
-------------------------------------------------------- Captured stdout setup
---------------------------------------------------------
Loading random data
Initializing database '/tmp/sssd-intg.78miBVX1/var/krb5kdc/principal' for realm
'PAMKRB5TEST',
master key name 'K/M@PAMKRB5TEST'
0/Success
[23232] 1632575636.946045: Retrieving K/M@PAMKRB5TEST from
FILE:/tmp/sssd-intg.78miBVX1/var/krb5kdc/stash.PAMKRB5TEST (vno 0, enctype 0) with result:
0/Success
-------------------------------------------------------- Captured stderr setup
---------------------------------------------------------
kadmin.local: No KCM server found while opening default credentials cache
kadmin.local: No KCM server found while opening default credentials cache
```
`Unable to connect to system bus!` is also suspicious.
`krb5kdc.log`:
```
Sep 25 10:40:09 debian10 krb5kdc[1190](Error): preauth spake failed to initialize: No
SPAKE preauth groups configured
Sep 25 10:40:09 debian10 krb5kdc[1190](info): setting up network...
Sep 25 10:40:09 debian10 krb5kdc[1190](info): setsockopt(18,IPV6_V6ONLY,1) worked
Sep 25 10:40:09 debian10 krb5kdc[1190](info): setsockopt(20,IPV6_V6ONLY,1) worked
Sep 25 10:40:09 debian10 krb5kdc[1190](info): set up 4 sockets
Sep 25 10:40:09 debian10 krb5kdc[1191](info): commencing operation
Sep 25 10:40:10 debian10 krb5kdc[1191](info): AS_REQ (8 etypes {18 17 20 19 16 23 25 26})
::1: CLIENT_NOT_FOUND: user1@PAMKRB5TEST for krbtgt/PAMKRB5TEST@PAMKRB5TEST, Client not
found in Kerberos database
```
`krb5_child.log`:
```
(2021-09-25 10:40:10): [krb5_child[1200]] [get_and_save_tgt] (0x0400): Attempting kinit
for realm [PAMKRB5TEST]
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640671: Getting initial credentials for user1@PAMKRB5TEST
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640673: Sending unauthenticated request
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640674: Sending request (183 bytes) to PAMKRB5TEST
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640675: Resolving hostname localhost
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640676: Sending initial UDP request to dgram ::1:10088
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640677: Received answer (151 bytes) from dgram ::1:10088
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640678: Response was not from master KDC
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640679: Received error from KDC: -1765328378/Client not found in Kerberos
database
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640680: Retrying AS request with master KDC
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640681: Getting initial credentials for user1@PAMKRB5TEST
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640683: Sending unauthenticated request
(2021-09-25 10:40:10): [krb5_child[1200]] [sss_child_krb5_trace_cb] (0x4000): [1200]
1632580810.640684: Sending request (183 bytes) to PAMKRB5TEST (master)
(2021-09-25 10:40:10): [krb5_child[1200]] [get_and_save_tgt] (0x0020): 1724:
[-1765328378][Client 'user1@PAMKRB5TEST' not found in Kerberos database]
(2021-09-25 10:40:10): [krb5_child[1200]] [map_krb5_error] (0x0020): 1853:
[-1765328378][Client 'user1@PAMKRB5TEST' not found in Kerberos database]
```
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5766#issuecomment-927120637