Bug 626943 - Upgrading to satellite 5.4 may break Pam authentication
Upgrading to satellite 5.4 may break Pam authentication
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 5
Classification: Red Hat
Component: Upgrades (Show other bugs)
530
All Linux
low Severity medium
: ---
: ---
Assigned To: Milan Zázrivec
Pavel Novotny
Fixed in the 5.4.0 Release - GA'd 201...
:
Depends On: 627859
Blocks: sat540-blockers sat540-upgrades
  Show dependency treegraph
 
Reported: 2010-08-24 13:54 EDT by Justin Sherrill
Modified: 2010-11-30 11:06 EST (History)
5 users (show)

See Also:
Fixed In Version: rhn-upgrade-5.4.0.5-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-10-28 11:01:57 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Justin Sherrill 2010-08-24 13:54:23 EDT
We've had 3 spacewalk users that have upgraded from 1.0 to 1.1 and have the their pam authentication stop working.

In all cases logging in with a pam authenticated user resulted in a java dump (the jvm crashing).

In all 3 cases reverting from the oci driver back to the thin driver fixed the issue.  I know Michael has tested this on a spacewalk 1.1 build directly, but since 3 different users had the issue and all 3 reported it working with the thin driver, I think something is awry. 

We should test upgrading from 5.3 to 5.4 (or spacewalk 1.0 to 1.1) with pam authentication enabled.
Comment 1 Milan Zázrivec 2010-09-22 12:16:40 EDT
This problem is in fact being worked on in bug #627859.

I'll leave this bug open for QA to properly verify the pam authentication
on upgraded Satellite works OK.
Comment 2 Jan Pazdziora 2010-09-23 02:09:30 EDT
(In reply to comment #0)
> We've had 3 spacewalk users that have upgraded from 1.0 to 1.1 and have the
> their pam authentication stop working.

Could you please confirm that in all these cases, the PAM authentication is in fact using LDAP and not some other PAM module?

We are aware of LDAP having issues but if it is a more generic PAM problem, please let me know.
Comment 3 Jan Pazdziora 2010-09-24 15:50:12 EDT
The bug 627859 is now ON_QA, so this one could be moved ON_QA as well. Or closed as dupe?
Comment 4 Clifford Perry 2010-09-24 16:07:14 EDT
This is tracking over /upgrades/ the other is new installs. I think its good to have it track for upgrades to ensure QA specifically tests this, even if we developers feel like were tracking the same issue in two bugs and should be closed as dupe. Lets move to ON_QA once Milan hands QA the rhn-upgrade package.

Cliff
Comment 5 Martin Minar 2010-10-06 10:13:19 EDT
Verified on Satellite upgraded from 5.3 to 5.4.
Comment 6 Clifford Perry 2010-10-28 11:01:57 EDT
The 5.4.0 RHN Satellite and RHN Proxy release has occurred. This issue has been resolved with this release. 


RHEA-2010:0801 - RHN Satellite Server 5.4.0 Upgrade
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10332

RHEA-2010:0803 - RHN Tools enhancement update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10333

RHEA-2010:0802 - RHN Proxy Server 5.4.0 bug fix update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10334

RHEA-2010:0800 - RHN Satellite Server 5.4.0
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10335

Docs are available:

http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/index.html 

Regards,
Clifford

Note You need to log in before you can comment on or make changes to this bug.