Unable to use password authentification in Linux environment
Closed this issue · 3 comments
Terraform CLI and Provider Versions
Terraform v1.5.3
on linux_amd64
- provider registry.terraform.io/hashicorp/dns v3.3.2
Terraform Configuration
terraform {
required_providers {
dns = {
source = "hashicorp/dns"
}
}
}
variable "zone" {
description = "DNS zone"
type = string
}
variable "compute_instances" {
description = "Compute instances"
type = map(object({
ip_address = string
create_dns_records = optional(bool)
}))
default = {}
}
resource "dns_a_record_set" "this" {
for_each = { for instance_name, instance in var.compute_instances :
instance_name => instance if instance.create_dns_records }
zone = var.zone
name = each.key
addresses = [each.value.ip_address]
}
Expected Behavior
DNS records will be created as per configs
Actual Behavior
terraform plan
shows that new dns records will be created, so as expected
terraform apply
works as expected in Windows 10, but fails in Linux environments (Ubuntu 22.04):
│ Error: Error updating DNS record: error negotiating GSS context: 2 errors occurred:
│ * KRB5_CONFIG: not found
│ * stat /etc/krb5.conf: no such file or directory
It's not really clear why it tries to open /etc/krb5.conf
while DNS_UPDATE_PASSWORD
is set and DNS_UPDATE_KEYTAB
is unset?
Steps to Reproduce
- Export env variables:
export DNS_UPDATE_SERVER="dns-server.example.net"
export DNS_UPDATE_REALM="EXAMPLE.NET"
export DNS_UPDATE_USERNAME="username"
export DNS_UPDATE_PASSWORD="XXXXXXXXXXXXXXXX"
terraform plan -out plan
terraform apply plan
How much impact is this issue causing?
High
Logs
No response
Additional Information
No response
Code of Conduct
- I agree to follow this project's Code of Conduct
@ilgiznurgaliev How did you fix this?
@ilgiznurgaliev How did you fix this?
Created /etc/krb5.conf manually with content like below:
[libdefaults]
default_realm = EXAMPLE.COM
[realms]
EXAMPLE.COM = {
kdc = kdc01.example.com
kdc = kdc02.example.com
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
After that it works with no any issues.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.