did not come from ecryptfs-utils. It looks like they may have come from the kerberos_example profile in auth-client-config instead - do you remember having done something to enable this profile?
The sequence of events here seems to have been that you upgraded to the current version of libpam-runtime, and then afterwards ran auth-client-config, which broke the configuration. Do you recall having run auth-client-config by hand at all?
what version of ecryptfs-utils were you using? The current version in intrepid does not use auth-client-config. Further, these lines:
auth [authinfo_ unavail= ignore success=1 default=2] pam_krb5.so use_first_pass debug
auth [default=done] pam_ccreds.so action=validate use_first_pass
auth [default=done] pam_ccreds.so action=store
auth [default=bad] pam_ccreds.so action=update
did not come from ecryptfs-utils. It looks like they may have come from the kerberos_example profile in auth-client-config instead - do you remember having done something to enable this profile?
The sequence of events here seems to have been that you upgraded to the current version of libpam-runtime, and then afterwards ran auth-client-config, which broke the configuration. Do you recall having run auth-client-config by hand at all?