Credential cache directory /run/user/1000/krb5cc does not exist while getting default ccache

I have a local network with many Macs and openSUSE machines using ssh and kerberos. I typically login to the openSUSE workstation running LEAP 42.1 from my MacBook running Mac OS Sierra. When I run kinit on the openSUSE, it fails:

MacBook% /usr/bin/ssh -x opensuse
opensuse% kinit
kinit: Credential cache directory /run/user/1000/krb5cc does not exist while getting default ccache

This is really annoying, since I have to sudo mkdir/chown the /run/user/1000 directory. Have I misconfigured something, or is this a bug? Is this fixed in LEAP 42.2?

Here is /etc/pam.d/sshd in case it matter (I think it is untouched from LEAP 42.1 install):

#%PAM-1.0
auth        requisite   pam_nologin.so
auth        include     common-auth
account     requisite   pam_nologin.so
account     include     common-account
password    include     common-password
session     required    pam_loginuid.so
session     include     common-session
session  optional       pam_lastlog.so   silent noupdate showfailed

While I am not very used to what you do, I ask myself if your story is complete.

You say you have to change the owner of a directory, but you do not show us who the owner is originally, nor what you change it to. Also you do not show us what the userid is of the user you are logged in as and I think that is related to the chown.

The /run/user/1000 directory does not exist at all. I need to do

sudo mkdir /run/user/1000
sudo chown 1000:1000 /run/user/1000

I think /run/user/%U is supposed to be created by pam_sessiond, and that is in /etc/pam.d/common-session, so I don’t know why it is not happening. There are also missing XDG environment variables:

% printenv |egrep XDG
XDG_DATA_DIRS=/usr/local/share:/usr/share:/usr/share/gnome/help
XDG_CONFIG_DIRS=/etc/xdg

On 02/23/2017 01:56 PM, hcvv wrote:
>
> While I am not very used to what you do, I ask myself if your story is
> complete.
>
> You say you have to change the owner of a directory, but you do not show
> us who the owner is originally, nor what you change it to. Also you do
> not show us what the userid is of the user you are logged in as and I
> think that is related to the chown.
>
>

Reread this part:

code:

“since I have to sudo mkdir/chown”

/code:


Ken
linux since 1994
S.u.S.E./openSUSE since 1996

henk@boven:~> sudo mkdir/chown
root's password:
sudo: mkdir/chown: opdracht niet gevonden
henk@boven:~> 

On 02/24/2017 09:56 AM, hcvv wrote:
>
> kensch;2813886 Wrote:
>> On 02/23/2017 01:56 PM, hcvv wrote:
>>>
>>> While I am not very used to what you do, I ask myself if your story is
>>> complete.
>>>
>>> You say you have to change the owner of a directory, but you do not
>> show
>>> us who the owner is originally, nor what you change it to. Also you do
>>> not show us what the userid is of the user you are logged in as and I
>>> think that is related to the chown.
>>>
>>>
>>
>> Reread this part:
>>
>> code:
>>
>> “since I have to sudo mkdir/chown”
>>
>> /code:
>>
>> –
>> Ken
>> linux since 1994
>> S.u.S.E./openSUSE since 1996
>
> Code:
> --------------------
> henk@boven:~> sudo mkdir/chown
> root’s password:
> sudo: mkdir/chown: opdracht niet gevonden
> henk@boven:~>
> --------------------
>
>

His line clearly infers that two different operations are being performed.


Ken
linux since 1994
S.u.S.E./openSUSE since 1996