| Summary: | authconfig fails when access_provider is set as krb5 in sssd.conf. | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Gowrishankar Rajaiyan <grajaiya> | |
| Component: | sssd | Assignee: | Stephen Gallagher <sgallagh> | |
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 6.1 | CC: | benl, dpal, grajaiya, jgalipea, kbanerje, prc, syeghiay | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | sssd-1.5.1-15.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 688694 (view as bug list) | Environment: | ||
| Last Closed: | 2011-05-19 11:39:08 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Bug Depends On: | ||||
| Bug Blocks: | 688694 | |||
1. Configured SSSD as: [domain/LDAP-KRB5] id_provider = ldap ldap_uri = ldaps://sssdldap.redhat.com:636 ldap_search_base = dc=example,dc=com ldap_tls_reqcert = demand ldap_tls_cacertdir = /etc/openldap/cacerts ldap_tls_cacert = /etc/openldap/cacerts/cacert.asc cache_credentials = true enumerate = false debug_level = 9 krb5_realm = EXAMPLE.COM auth_provider = krb5 access_provider = krb5 krb5_kdcip = sssdldap.redhat.com:88 krb5_ccachedir = /tmp/krb5_cache krb5_ccname_template = FILE:%d/krb5cc_%u 2. # authconfig --enablesssd --enablesssdauth --updateall Starting sssd: [ OK ] 3. # authconfig --disablesssd --disablesssdauth --updateall Stopping sssd: [ OK ] Verified. # rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.5.1 Vendor: Red Hat, Inc. Release : 17.el6 Build Date: Wed 23 Mar 2011 08:38:49 PM IST Install Date: Thu 24 Mar 2011 12:16:17 PM IST Build Host: x86-002.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.5.1-17.el6.src.rpm Size : 3459179 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0560.html An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0560.html |
Description of problem: Version-Release number of selected component (if applicable): sssd-1.5.1-14.el6.x86_64 authconfig-6.1.12-4.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. Configure SSSD with "access_provider = krb5". See Additional info for the relevant sssd.conf section. 2. authconfig --enablesssd --enablesssdauth --updateall 3. Actual results: Traceback (most recent call last): File "/usr/sbin/authconfig", line 894, in <module> sys.exit(module.run()) File "/usr/sbin/authconfig", line 475, in run self.readAuthInfo() File "/usr/sbin/authconfig", line 327, in readAuthInfo self.info = authinfo.read(self.printError) File "/usr/share/authconfig/authinfo.py", line 916, in read info.read() File "/usr/share/authconfig/authinfo.py", line 2185, in read self.readSSSD(ref) File "/usr/share/authconfig/authinfo.py", line 1613, in readSSSD domain = self.sssdDomain = self.sssdConfig.get_domain(SSSD_AUTHCONFIG_DOMAIN) File "/usr/lib/python2.6/site-packages/SSSDConfig.py", line 1523, in get_domain domain.set_option(option, value) File "/usr/lib/python2.6/site-packages/SSSDConfig.py", line 1009, in set_option self.add_provider(value, provider) File "/usr/lib/python2.6/site-packages/SSSDConfig.py", line 1062, in add_provider raise NoSuchProviderSubtypeError(provider_type) SSSDConfig.NoSuchProviderSubtypeError: access Expected results: Should update all the related files and start SSSD. Additional info: [domain/default] id_provider = ldap ldap_uri = ldaps://sssdldap.redhat.com:636 ldap_search_base = dc=example,dc=com ldap_tls_reqcert = demand ldap_tls_cacertdir = /etc/openldap/cacerts ldap_tls_cacert = /etc/openldap/cacerts/cacert.asc cache_credentials = true enumerate = false debug_level = 9 krb5_realm = EXAMPLE.COM auth_provider = krb5 access_provider = krb5 krb5_kdcip = sssdldap.redhat.com:88 krb5_ccachedir = /tmp/krb5_cache krb5_ccname_template = FILE:%d/krb5cc_%u