krb5-auth-dialog: renew for current principal, not local user - cannot override
Submitted by Jan Iven
krb5-auth-dialog prompts for the "Kerberos" password for the currently-logged user instead of the principal of the existing (soon to expire) credential. In case these differ, it should prefer the principal as stored in the credential cache, and (or, at least..) allow to override the principal. Command-line "kinit" does the correct thing - without other arguments, it attempts to renew/refresh the current principal, not the local user.