| Summary: | autofs can't connect to IPA LDAP for automount maps | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Michal Piotrowski <bastian_knight> | ||||
| Component: | autofs | Assignee: | Ian Kent <ikent> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 19 | CC: | bastian_knight, ikent, mkosek, nalin, plautrba, rcritten, ssorce | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2013-11-05 08:51:13 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
|
Description
Michal Piotrowski
2013-10-22 13:22:36 UTC
This could be due to changes introduced in cyrus-sasl. I've spent the last few hours looking at the sasl code and I still don't know how to work around the changes, if in fact it is changes to cyrus-sasl. I'll return it this later. I have checked the possibilty of rebuilding cyrus-sasl from Fedora 18 sources. The package built without problems on F19 but dependencies for newer versions of the cyrus-sasl package are too extensive for me to handle. It would require rebuilding of openldap, freeipa and tenths of other packages. As a workaround I can still use file based configuration for autofs but in a long term it would be great if compatibility with RHEL IPA would be restored. If it helps I can install test Fedora 18 and check if it works ok with previous version of Fedora in our configuration. Please let me know if such test has any use for you. (In reply to Michal Piotrowski from comment #3) > I have checked the possibilty of rebuilding cyrus-sasl from Fedora 18 > sources. The package built without problems on F19 but dependencies for > newer versions of the cyrus-sasl package are too extensive for me to handle. > It would require rebuilding of openldap, freeipa and tenths of other > packages. That's a shame, I thought that might be the case. > > As a workaround I can still use file based configuration for autofs but in a > long term it would be great if compatibility with RHEL IPA would be restored. If I'm correct it won't just be IPA that's affected. I suspect this is an issue that has been seen before. Have a look at this: http://www.spinics.net/lists/autofs/msg00174.html and this: https://bugzilla.novell.com/show_bug.cgi?id=775279 which shows the bit of cyrus-sasl code that changed. The problem is I'm not sure how to change the autofs code to accommodate the cyrus-sasl change. Hopefully someone on the cc list of the bug can help with that, although we do need to verify this is the actual problem before making changes. > > If it helps I can install test Fedora 18 and check if it works ok with > previous version of Fedora in our configuration. Please let me know if such > test has any use for you. Not sure it's worth the effort just yet. Lets see if we can get some ideas on how to verify this from others first. I guess you could do a network trace as described in the above links to see if the mutual-authentication-required bit is clear in this case too. That would at least give confidence we're on the right track. Ian After update to the latest cyrus-sasl package (cyrus-sasl-2.1.26-10.fc19.x86_64) the problem no longer exists. autofs can connect to IPA LDAP. |