Fedora 28: 로그인 시 Kerberos 티켓 생성

내 컴퓨터(Fedora 28)에 로그인하면 Kerberos 티켓을 생성하려고 합니다. 나는 그것을 달성하기 위해 PAM을 사용하고 싶습니다. 내 /etc/pam.d/system-auth모습은 다음과 같습니다.

auth        required                                     pam_env.so
auth        required                                     pam_faildelay.so delay=2000000
auth        [default=1 ignore=ignore success=ok]         pam_succeed_if.so uid >= 1000 quiet
auth        [default=1 ignore=ignore success=ok]         pam_localuser.so
auth        sufficient                                   pam_unix.so nullok try_first_pass
auth        requisite                                    pam_succeed_if.so uid >= 1000 quiet_success
#auth        sufficient                                   pam_sss.so forward_pass
auth        sufficient                                   pam_krb5.so try_first_pass
auth        required                                     pam_deny.so

account     required                                     pam_unix.so
account     sufficient                                   pam_localuser.so
account     sufficient                                   pam_succeed_if.so uid < 1000 quiet
#account     [default=bad success=ok user_unknown=ignore] pam_sss.so
account     [default=bad success=ok user_unknown=ignore] pam_krb5.so
account     required                                     pam_permit.so

password    requisite                                    pam_pwquality.so try_first_pass local_users_only
password    sufficient                                   pam_unix.so sha512 shadow nullok try_first_pass use_authtok
#password    sufficient                                   pam_sss.so use_authtok
password    sufficient                                   pam_krb5.so use_authtok
password    required                                     pam_deny.so

session     optional                                     pam_keyinit.so revoke
session     required                                     pam_limits.so
-session    optional                                     pam_systemd.so
session     [success=1 default=ignore]                   pam_succeed_if.so service in crond quiet use_uid
session     required                                     pam_unix.so
#session     optional                                     pam_sss.so
session     optional                                     pam_krb5.so

이것은 다음의 로그입니다 /var/log/secure.

Sep 12 12:48:04 vbox sudo[1408]:    vbox : problem with defaults entries ; TTY=tty1 ; PWD=/etc ; USER=root ;
Sep 12 12:48:05 vbox sudo[1408]:    vbox : TTY=tty1 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/chown root:root krb5.keytab
Sep 12 12:48:05 vbox sudo[1408]: pam_systemd(sudo:session): Cannot create session: Already running in a session
Sep 12 12:48:05 vbox sudo[1408]: pam_unix(sudo:session): session opened for user root by vbox(uid=0)
Sep 12 12:48:05 vbox sudo[1408]: pam_unix(sudo:session): session closed for user root
Sep 12 12:48:07 vbox sudo[1413]:    vbox : problem with defaults entries ; TTY=tty1 ; PWD=/etc ; USER=root ;
Sep 12 12:48:07 vbox sudo[1413]:    vbox : TTY=tty1 ; PWD=/etc ; USER=root ; COMMAND=/usr/sbin/reboot
Sep 12 12:48:07 vbox sudo[1413]: pam_systemd(sudo:session): Cannot create session: Already running in a session
Sep 12 12:48:07 vbox sudo[1413]: pam_unix(sudo:session): session opened for user root by vbox(uid=0)
Sep 12 12:48:07 vbox login[746]: pam_unix(login:session): session closed for user vbox
Sep 12 12:48:07 vbox login[746]: pam_krb5[746]: error initializing kerberos: 13 (Permission denied)
Sep 12 12:48:07 vbox login[746]: pam_krb5[746]: error initializing Kerberos
Sep 12 12:48:07 vbox sudo[1413]: pam_unix(sudo:session): session closed for user root
Sep 12 12:48:07 vbox systemd[1092]: pam_unix(systemd-user:session): session closed for user vbox
Sep 12 12:48:07 vbox systemd[1092]: pam_krb5[1092]: error initializing kerberos: 13 (Permission denied)
Sep 12 12:48:07 vbox systemd[1092]: pam_krb5[1092]: error initializing Kerberos
Sep 12 12:48:13 vbox sshd[739]: Received signal 15; terminating.
Sep 12 12:48:43 vbox sshd[728]: Server listening on 0.0.0.0 port 22.
Sep 12 12:48:43 vbox sshd[728]: Server listening on :: port 22.
Sep 12 12:48:46 vbox polkitd[766]: Loading rules from directory /etc/polkit-1/rules.d
Sep 12 12:48:46 vbox polkitd[766]: Loading rules from directory /usr/share/polkit-1/rules.d
Sep 12 12:48:47 vbox polkitd[766]: Finished loading, compiling and executing 13 rules
Sep 12 12:48:47 vbox polkitd[766]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
Sep 12 12:49:11 vbox systemd[1093]: pam_unix(systemd-user:session): session opened for user vbox by (uid=0)
Sep 12 12:49:11 vbox systemd[1093]: pam_krb5[1093]: error initializing kerberos: 13 (Permission denied)
Sep 12 12:49:11 vbox systemd[1093]: pam_krb5[1093]: error initializing Kerberos
Sep 12 12:49:12 vbox login[745]: pam_unix(login:session): session opened for user vbox by LOGIN(uid=0)
Sep 12 12:49:12 vbox login[745]: pam_krb5[745]: error initializing kerberos: 13 (Permission denied)
Sep 12 12:49:12 vbox login[745]: pam_krb5[745]: error initializing Kerberos
Sep 12 12:49:12 vbox login[745]: LOGIN ON tty1 BY vbox
Sep 12 12:57:20 vbox sshd[1200]: Accepted password for vbox from 192.168.1.53 port 54824 ssh2
Sep 12 12:57:20 vbox sshd[1200]: pam_unix(sshd:session): session opened for user vbox by (uid=0)
Sep 12 12:58:26 vbox sudo[1255]:    vbox : problem with defaults entries ; TTY=pts/0 ; PWD=/etc/pam.d ; USER=root ;

보시다시피 저는 pam_krb5[745]: error initializing kerberos: 13 (Permission denied). 조금 검색한 결과 권한 문제일 수 있음을 발견하고 krb5.conf다음과 같이 설정했습니다 644.

-rw-r--r--. 1 root root 3.8K Jul 31 13:29 krb5.conf

하지만 같은 오류가 있습니다. 그리고 로그인해서 수동으로 입력하면 kinit vbox티켓을 받을 수 있다는 것도 알게 됐어요. 왜 Permission Denied오류가 발생했는지 이해할 수 없습니다 .

폴리스티렌 다음은 내용입니다 krb5.conf.https://pastebin.com/t7T2CsBH