Bug 1386266

Summary:	[RFE] krb5 support for remote execution job invocations
Product:	Red Hat Satellite	Reporter:	Daniel Lobato Garcia <dlobatog>
Component:	Remote Execution	Assignee:	Adam Ruzicka <aruzicka>
Status:	CLOSED ERRATA	QA Contact:	Peter Ondrejka <pondrejk>
Severity:	high	Docs Contact:	satellite6-bugs <satellite6-bugs>
Priority:	high
Version:	6.1.9	CC:	ahumbe, aruzicka, asahni, bbuckingham, bkearney, dcaplan, ealcaniz, ehelms, fgarciad, inecas, jcallaha, molasaga, oshtaier, riehecky, satellite6-bugs, sauchter, tbrisker, zhunting
Target Milestone:	Unspecified	Keywords:	FieldEngineering, FutureFeature, PrioBumpGSS, PrioBumpPM, Triaged
Target Release:	Unused
Hardware:	x86_64
OS:	Linux
Whiteboard:
Fixed In Version:	tfm-rubygem-foreman_remote_execution_core-1.0.5	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:
Clones:	1541481 (view as bug list)		Environment:
Last Closed:	2018-02-21 12:36:49 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	1316897, 1386262, 1479962

Description Daniel Lobato Garcia 2016-10-18 13:57:19 UTC

Description of problem:

Client needs to be able to use kerberos tokens generated via keytab to invoke jobs in remote machines instead of RSA keys. 

The tokens are generated per template or job invocation, they should not be global.

Expected results:

The SSH connection would use a krb5 token instead of an RSA key.

Comment 10 Satellite Program 2017-05-25 10:11:54 UTC

Upstream bug assigned to aruzicka

Comment 11 Satellite Program 2017-05-25 10:11:59 UTC

Upstream bug assigned to aruzicka

Comment 12 Bryan Kearney 2017-06-08 18:57:42 UTC

Removing 6.2.z since I do not believe we will deliver it in that timeframe.

Comment 13 Satellite Program 2017-07-10 12:11:33 UTC

Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/11936 has been resolved.

Comment 21 Adam Ruzicka 2017-08-29 06:42:11 UTC

*** Bug 1317004 has been marked as a duplicate of this bug. ***

Comment 22 Ivan Necas 2017-08-30 12:44:10 UTC

Waiting for packaging and installer changes upstream

Comment 23 Adam Ruzicka 2017-08-30 13:01:42 UTC

RPM packaging PR: https://github.com/theforeman/foreman-packaging/pull/1665
installer changes PR: https://github.com/theforeman/puppet-foreman_proxy/pull/351

Comment 34 Pat Riehecky 2018-01-05 20:35:43 UTC

There doesn't appear to documentation on how to activate this feature upstream.

Comment 44 errata-xmlrpc 2018-02-21 12:36:49 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0336