Add krb_provider helper to set default krb5 options

When auth_provider=krb5 is used, SSSD requires krb5_realm,
krb5_server, and krb5_kpasswd options, otherwise SSSD would
fail with "Missing krb5_realm option!".
Adds krb_provider() method in SSSDCommonConfiguration that
sets default krb5 options (auth_provider, krb5_realm,
krb5_server, krb5_kpasswd) from the backend's host configuration.
  Uses setdefault() to preserve explicit config values
  Called by krb5_auth() to reduce boilerplate in YAML configs
  Works with KDC, IPA, and AD backends

Signed-off-by: Madhuri Upadhye <[email protected]>

Author: madhuriupadhye

sssd_test_framework/utils/sssd.py

@@ -868,6 +868,23 @@ def local(self) -> None:
         )
         self.sssd.default_domain = "local"
 
+    def krb_provider(self, backend: KDC | GenericProvider) -> None:
+        """
+        Set auth_provider to krb5 and populate krb5 options based on the backend.
+
+        This method sets ``auth_provider=krb5`` and configures ``krb5_realm``,
+        ``krb5_server``, and ``krb5_kpasswd`` based on the provided backend
+        (KDC, IPA, or AD).
+
+        :param backend: Backend role object (KDC, IPA, or AD).
+        :type backend: KDC | GenericProvider
+        """
+        host = backend.host
+        host.client.setdefault("auth_provider", "krb5")
+        host.client.setdefault("krb5_realm", host.realm)
+        host.client.setdefault("krb5_server", host.hostname)
+        host.client.setdefault("krb5_kpasswd", host.hostname)
+
     def krb5_auth(self, kdc: KDC, domain: str | None = None) -> None:
         """
         Configure auth_provider to krb5, using the KDC from the multihost
@@ -888,6 +905,7 @@ def krb5_auth(self, kdc: KDC, domain: str | None = None) -> None:
         if domain is None:
             raise ValueError("No domain specified!")
 
+        self.krb_provider(kdc)
         self.sssd.merge_domain(domain, kdc)
         self.sssd.fs.write("/etc/krb5.conf", kdc.config(), user="root", group="root", mode="0644")