From 498a0cefea205f7783dd675aac3f8b831d3baa82 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Fri, 11 Apr 2014 16:56:55 +0200 Subject: KRB5: Print a verbose error message on failure reading the keytab MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit krb5_kt_resolve() returns 0 when a non-existent keytab is read, which means there was no FATAL-level DEBUG message printed to the user in case the keytab was missing completely and users had to enable more verbose debugging to diagnose failure to start up. This patch adds both the verbose DEBUG message as well as a syslog message. Reviewed-by: Michal Židek --- src/util/sss_krb5.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src') diff --git a/src/util/sss_krb5.c b/src/util/sss_krb5.c index 7c0c5832c..a7f1bf37c 100644 --- a/src/util/sss_krb5.c +++ b/src/util/sss_krb5.c @@ -227,6 +227,12 @@ errno_t select_principal_from_keytab(TALLOC_CTX *mem_ctx, } done: + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to read keytab [%s]: %s\n", + KEYTAB_CLEAN_NAME, strerror(ret)); + sss_log(SSS_LOG_ERR, "Failed to read keytab [%s]: %s\n", + KEYTAB_CLEAN_NAME, strerror(ret)); + } if (keytab) krb5_kt_close(krb_ctx, keytab); if (krb_ctx) krb5_free_context(krb_ctx); if (client_princ != NULL) { -- cgit