Bug 773496
Summary: | Prompter delay can cause spurious clock skew | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Simo Sorce <ssorce> |
Component: | krb5 | Assignee: | Nalin Dahyabhai <nalin> |
Status: | CLOSED ERRATA | QA Contact: | Zbysek MRAZ <zmraz> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 6.3 | CC: | dpal, ebenes, jplans, nalin, prc |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | krb5-1.10.3-5.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | 772712 | Environment: | |
Last Closed: | 2013-02-21 08:36:57 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 772712 | ||
Bug Blocks: |
Description
Simo Sorce
2012-01-12 00:07:28 UTC
Description of the bug. prerequisite: a KDC that does not require preauth and with max tgt lifetime of 8-10 hours Current situation: 1. make sure krb5_auth_dialog is running. 2. Take a short lived ticket 3. wait until it expire and let krb5_auth_dialog pop up 4. go home 5. when you get back next day enter your password 6. klist and see the ticket is valid but expires yesterday 7. run kinit 8. klist and notice how the ticket still expire in the past 9. run kinit again 10. klist and notice how the ticket now expire according to expected time Correct behavior: 1. make sure krb5_auth_dialog is running. 2. Take a short lived ticket 3. wait until it expire and let krb5_auth_dialog pop up 4. go get lunch 5. when you get back enter your password 6. klist and see the ticket is valid but expires yesterday 7. run kinit 8. klist and see that ticket expire at the expected time This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-0319.html |