Work around kernel keyring inaccessibility (!3) · Merge requests · Docker / ssh · GitLab

Leo P. Singer requested to merge leo-singer/ssh:tgt into el7 Mar 05, 2020

On EL7, Kerberos uses the kernel keyring, which is not available without tweaking the docker seccomp options (see https://docs.docker.com/engine/security/seccomp/).

As a workaround, set the environment variable KRB5CCNAME="FILE:/tmp/tgt" as suggested by https://blog.tomecek.net/post/kerberos-in-a-container/.