Since Snapd 2.71[0], snaps can connect to the kerberos-tickets
slot. Firefox, for example:
sudo snap connect firefox:kerberos-tickets
This will make Kerberos authentication work assuming a credentials cache
of the file type and path matching /tmp/krb5cc* (a default configuration
satisfies this condition).
=> Known limitations <=
-
[1]Denial to write session tickets to
cache causes (potentially significantly) slower authentication -
[2]Unreadable includedir in krb5.conf causes Kerberos to bail out.
-
[3]Support a credentials cache of KEYRING type
=> But {this snap} has no kerberos-ticket plug <=
Contact the snap maintainers and request its addition.
=> I want my credentials cache to be {arbitrary path} <=
I’m convinced security reviewers would reject that as it would imply that
any path in the system could be exposed to the snap, but you’re welcome to
open a discussion in the Snapcraft forum and link it here.
=> I found {this other limitation} <=
File a bug or, if you’re unsure, raise it here.
Cheers!
[1]https://launchpad.net/bugs/2138268
[2]https://launchpad.net/bugs/2122317
[3]https://launchpad.net/bugs/2139666
[0]https://launchpad.net/bugs/1849346