626943 – Upgrading to satellite 5.4 may break Pam authentication

Bug 626943 - Upgrading to satellite 5.4 may break Pam authentication

Summary: Upgrading to satellite 5.4 may break Pam authentication

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Satellite 5
Classification:	Red Hat
Component:	Upgrades
Sub Component:
Version:	530
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Milan Zázrivec
QA Contact:	Pavel Novotny
Docs Contact:
URL:
Whiteboard:	Fixed in the 5.4.0 Release - GA'd 201...
Depends On:	627859
Blocks:	sat540-blockers sat540-upgrades
TreeView+	depends on / blocked

Reported:	2010-08-24 17:54 UTC by Justin Sherrill
Modified:	2010-11-30 16:06 UTC (History)
CC List:	5 users (show)
Fixed In Version:	rhn-upgrade-5.4.0.5-1
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-10-28 15:01:57 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Justin Sherrill 2010-08-24 17:54:23 UTC

We've had 3 spacewalk users that have upgraded from 1.0 to 1.1 and have the their pam authentication stop working.

In all cases logging in with a pam authenticated user resulted in a java dump (the jvm crashing).

In all 3 cases reverting from the oci driver back to the thin driver fixed the issue.  I know Michael has tested this on a spacewalk 1.1 build directly, but since 3 different users had the issue and all 3 reported it working with the thin driver, I think something is awry. 

We should test upgrading from 5.3 to 5.4 (or spacewalk 1.0 to 1.1) with pam authentication enabled.

Comment 1 Milan Zázrivec 2010-09-22 16:16:40 UTC

This problem is in fact being worked on in bug #627859.

I'll leave this bug open for QA to properly verify the pam authentication
on upgraded Satellite works OK.

Comment 2 Jan Pazdziora 2010-09-23 06:09:30 UTC

(In reply to comment #0)
> We've had 3 spacewalk users that have upgraded from 1.0 to 1.1 and have the
> their pam authentication stop working.

Could you please confirm that in all these cases, the PAM authentication is in fact using LDAP and not some other PAM module?

We are aware of LDAP having issues but if it is a more generic PAM problem, please let me know.

Comment 3 Jan Pazdziora 2010-09-24 19:50:12 UTC

The bug 627859 is now ON_QA, so this one could be moved ON_QA as well. Or closed as dupe?

Comment 4 Clifford Perry 2010-09-24 20:07:14 UTC

This is tracking over /upgrades/ the other is new installs. I think its good to have it track for upgrades to ensure QA specifically tests this, even if we developers feel like were tracking the same issue in two bugs and should be closed as dupe. Lets move to ON_QA once Milan hands QA the rhn-upgrade package.

Cliff

Comment 5 Martin Minar 2010-10-06 14:13:19 UTC

Verified on Satellite upgraded from 5.3 to 5.4.

Comment 6 Clifford Perry 2010-10-28 15:01:57 UTC

The 5.4.0 RHN Satellite and RHN Proxy release has occurred. This issue has been resolved with this release. 


RHEA-2010:0801 - RHN Satellite Server 5.4.0 Upgrade
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10332

RHEA-2010:0803 - RHN Tools enhancement update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10333

RHEA-2010:0802 - RHN Proxy Server 5.4.0 bug fix update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10334

RHEA-2010:0800 - RHN Satellite Server 5.4.0
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10335

Docs are available:

http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/index.html 

Regards,
Clifford

Note You need to log in before you can comment on or make changes to this bug.