Bug 1030689

Summary: krb5_cc(col)_last_change_time() doesn't work as intended with keyring caches
Product: Red Hat Enterprise Linux 7 Reporter: Nalin Dahyabhai <nalin>
Component: krb5Assignee: Robbie Harwood <rharwood>
Status: CLOSED UPSTREAM QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: low    
Version: 7.0CC: dpal, mkosek, nalin, nathaniel, pkis, rharwood, riehecky, ssorce
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: http://krbdev.mit.edu/rt/Ticket/Display.html?id=7766
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1030686 Environment:
Last Closed: 2016-11-17 19:10:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1030686    
Bug Blocks: 1030688    

Description Nalin Dahyabhai 2013-11-14 23:18:12 UTC 
+++ This bug was initially created as a clone of Bug #1030686 +++

The krb5_ccc_last_change_time() and krb5_cccol_last_change_time() functions are meant to provide the caller with the last time a particular cache or cache collection was modified.  Their implementation for KEYRING caches is such that different processes will get different results, if they get anything other than 0.  Since we've been looking at using these functions to monitor user caches and check for impending expiration, we need to fix them.