d0eeced
From 50d580c58dab5928cadfc6ca82aedccee58eaced Mon Sep 17 00:00:00 2001
d0eeced
From: Sumit Bose <sbose@redhat.com>
d0eeced
Date: Fri, 5 Jun 2020 17:28:28 +0200
d0eeced
Subject: [PATCH] tools: disable SSSD's locator plugin
d0eeced
d0eeced
MIT's libkrb5 checks available locator plugins first before checking the
d0eeced
config file. This might cause issues when the locator plugin returns a
d0eeced
different DC than the one used for the LDAP connection if some data must
d0eeced
be replicated.
d0eeced
d0eeced
This patch sets the SSSD_KRB5_LOCATOR_DISABLE environment variable to
d0eeced
'true' to disable SSSD's locator plugin for adcli.
d0eeced
d0eeced
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1762633
d0eeced
---
d0eeced
 tools/tools.c | 2 ++
d0eeced
 1 file changed, 2 insertions(+)
d0eeced
d0eeced
diff --git a/tools/tools.c b/tools/tools.c
d0eeced
index 9d422f2..1b6d879 100644
d0eeced
--- a/tools/tools.c
d0eeced
+++ b/tools/tools.c
d0eeced
@@ -296,6 +296,7 @@ cleanup_krb5_conf_directory (void)
d0eeced
 	}
d0eeced
 
d0eeced
 	unsetenv ("KRB5_CONFIG");
d0eeced
+	unsetenv ("SSSD_KRB5_LOCATOR_DISABLE");
d0eeced
 }
d0eeced
 
d0eeced
 static void
d0eeced
@@ -394,6 +395,7 @@ setup_krb5_conf_directory (adcli_conn *conn)
d0eeced
 		adcli_krb5_conf_filename = filename;
d0eeced
 		adcli_krb5_d_directory = snippets;
d0eeced
 		setenv ("KRB5_CONFIG", adcli_krb5_conf_filename, 1);
d0eeced
+		setenv ("SSSD_KRB5_LOCATOR_DISABLE", "true", 1);
d0eeced
 
d0eeced
 	} else {
d0eeced
 		free (filename);
d0eeced
-- 
d0eeced
2.26.2
d0eeced