[Samba] KRB5 pam_winbind using KEYRING does not work
Michael Tokarev
mjt at tls.msk.ru
Wed Oct 29 21:49:24 UTC 2025
On 10/30/25 00:34, Rainer Meier via samba wrote:
...> I also tried to run older versions of krb5 (well, at least 1.20) at no
> avail. I am not experienced in PAM debugging and could not identify any
> further issues yet. Unless this is some coincidence with newer kernel
> versions as EOS/ARCH is on 6.17.5 now unless witched to LTS (6.12.56
> currently) kernels. Well, I might give this a try.
> Though I am not expecting it to work as KEYRING in general seems OK as
> proven by kinit successfully populating keyring.
Does arch build samba with libkeyutils (iirc)?
I remember I had to enable something in the debian build - before that,
heimdal shipped with samba didn't have KEYRING support, only FILE.
I also had to include patch, heimdal-to-support-KEYRING-ccache.patch,
to do that initially, until it has been accepted upstream.
Thanks,
/mjt
More information about the samba
mailing list