Bug 907297

Summary: Do not guess host part of kerberos principal
Product: [Retired] Beaker Reporter: Raymond Mancy <rmancy>
Component: schedulerAssignee: beaker-dev-list
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 0.10CC: asaha, dcallagh, ebaak, mishin, qwan, rglasz, rmancy
Target Milestone: 0.11   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: Misc
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-02-13 03:37:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Raymond Mancy 2013-02-04 04:20:58 UTC 
Currently bkr.common.krb_auth.get_encoded_request() will use the
socket.gethostname() value (if none is given) for the host part of a service principal when making a request.

Rightly or wrongly, this means that when the client uses one principal for the request and the server uses another principal (e.g. client uses an A record for the host and server uses a CNAME) we get the 'Wrong principal in request' error.
Comment 1 Raymond Mancy 2013-02-05 03:03:42 UTC 
http://gerrit.beaker-project.org/#/c/1691/
Comment 2 Min Shin 2013-02-13 03:41:50 UTC 
Beaker 0.11.3 hot fix has been released.