Issue 1: From the analysis, Tests in pam_krb5 needs tools/pam_harness.c file to be compiled to generate pam_harness binary which requires pam-devel package to be installed. so added a check and installation for pam-devel in python wrapper.
Issue 2: From the analysis, the issue raises with error Server not found in Kerberos database(KDC).
All Kerberos server machines uses credential cache (or “ccache”) that holds Kerberos credentials or keytab file (by default /etc/krb5.keytab) which contains key value pairs for authentication purpose.
Here in the test_password test it looks for the default keytab file (/etc/krb5.keytab) to get TGT (ticket to access the service) and the test fails with "server not found in kerberos database(KDC).
Since the kerberos is configured to use the temporary cache file created to authenticate the user, this authentication will be successful with the temporary cache file created for the session.
Hence if the default /etc/krb5.keytab file is not available, then the kerberos uses temporary cache to authenticate the user.
Issue 1: From the analysis, Tests in pam_krb5 needs tools/pam_harness.c file to be compiled to generate pam_harness binary which requires pam-devel package to be installed. so added a check and installation for pam-devel in python wrapper.
Issue 2: From the analysis, the issue raises with error Server not found in Kerberos database(KDC). All Kerberos server machines uses credential cache (or “ccache”) that holds Kerberos credentials or keytab file (by default /etc/krb5.keytab) which contains key value pairs for authentication purpose. Here in the test_password test it looks for the default keytab file (/etc/krb5.keytab) to get TGT (ticket to access the service) and the test fails with "server not found in kerberos database(KDC). Since the kerberos is configured to use the temporary cache file created to authenticate the user, this authentication will be successful with the temporary cache file created for the session.
Hence if the default /etc/krb5.keytab file is not available, then the kerberos uses temporary cache to authenticate the user.
Signed-off By: Kowshik Jois kowsjois@in.ibm.com