Tweak krb5.conf template to be 1.20 compliant

krb5 1.20 seems to evaluate the krb5.conf and does not work with the unresolved kdc entry for the docker host (using MAPPING_PORT)
This tweaks the krb5.conf template handling and local setup to address this and always have a valid krb5.conf file

Author: breskeby

test/fixtures/krb5kdc-fixture/Dockerfile

@@ -1,5 +1,11 @@
 FROM ubuntu:24.04
+
 ADD . /fixture
+# Update the package listing
+RUN apt-get update
+
+# Install sudo
+RUN apt-get install -y sudo python3
 RUN echo kerberos.build.elastic.co > /etc/hostname
 RUN bash /fixture/src/main/resources/provision/installkdc.sh
 

test/fixtures/krb5kdc-fixture/src/main/java/org/elasticsearch/test/fixtures/krb5kdc/Krb5kDcContainer.java

@@ -122,7 +122,7 @@ public String getConf() {
             .findFirst();
         String hostPortSpec = bindings.get().getHostPortSpec();
         String s = copyFileFromContainer("/fixture/build/krb5.conf.template", i -> IOUtils.toString(i, StandardCharsets.UTF_8));
-        return s.replace("${MAPPED_PORT}", hostPortSpec);
+        return s.replace("#KDC_DOCKER_HOST", "kdc = 127.0.0.1:" + hostPortSpec);
     }
 
     public Path getKeytab() {

test/fixtures/krb5kdc-fixture/src/main/resources/provision/krb5.conf.template

@@ -6,6 +6,7 @@
  # License v3.0 only", or the "Server Side Public License, v 1".
 
 [libdefaults]
+    spake_preauth_groups = edwards25519
     default_realm = ${REALM_NAME}
     dns_canonicalize_hostname = false
     dns_lookup_kdc = false
@@ -25,7 +26,7 @@
 [realms]
     ${REALM_NAME} = {
         kdc = 127.0.0.1:88
-        kdc = 127.0.0.1:${MAPPED_PORT}
+        #KDC_DOCKER_HOST
         admin_server = ${KDC_NAME}:749
         default_domain = ${BUILD_ZONE}
     }