Bug 1956403

Summary: [RFE] Include KCM_OP_GET_CRED_LIST
Product: Red Hat Enterprise Linux 9 Reporter: Robbie Harwood <rharwood>
Component: krb5Assignee: Robbie Harwood <rharwood>
Status: VERIFIED --- QA Contact: Filip Dvorak <fdvorak>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: dpal, fdvorak, ipa-qe, pbrezina
Target Milestone: betaKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: krb5-1.19.1-6.el9.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1956388 Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1956388    

Description Robbie Harwood 2021-05-03 15:49:55 UTC
+++ This bug was initially created as a clone of Bug #1956388 +++

libkrb5 now supports KCM_OP_GET_CRED_LIST when talking with sssd-kcm to improve performance. Please include it in 8.5.

* https://github.com/krb5/krb5/commit/81bdb47d8ded390263d8ee48f71d5c312b4f1736
* https://github.com/krb5/krb5/commit/06afae820a44c1dc96ad88a0b16c3e50bc938b2a

Comment 1 Robbie Harwood 2021-05-13 18:30:48 UTC
> * https://github.com/krb5/krb5/commit/06afae820a44c1dc96ad88a0b16c3e50bc938b2a

I don't plan to include this.  It papers around an SSSD bug - returning the wrong code - and I would prefer SSSD fix it.  (You indicated intent to do so in https://github.com/krb5/krb5/pull/1177#issuecomment-810900921 .)

> * https://github.com/krb5/krb5/commit/81bdb47d8ded390263d8ee48f71d5c312b4f1736

This one should be fine to include.  

I would like to wait a few days and grab the RETRIEVE logic as well.  However, that will expose another issue with SSSD return codes ( https://github.com/SSSD/sssd/pull/5629 ) so if that's not also backported, I will hold off on doing so.

Please let me know if there are any problems with this plan.