Fix krbcc dir creation issue with MIT krb5 1.11

In krb5-libs >= 1.11, function krb5_cc_resolve verify if credential cache dir
exists. If it doesn't exist, than it will be created with process permissions
and not user permissions.

Function cc_residual_is_used has already checked for non existing
directory, but it wasn't considered to be a failure and therefore next call
of krb5_init_context will create directory with wrong permissions.

Now if directory doesn't exist, it will be handled like there was not ccache
attribute in sysdb cache. We also check if "primary" file in ccache directory
has right permissions. But we ignore missing "primary" file.

https://fedorahosted.org/sssd/ticket/1822

0 files changed, 0 insertions, 0 deletions