Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 652772 - SEC_* param cleanup in base-db
SEC_* param cleanup in base-db
Status: CLOSED ERRATA
Product: Red Hat Enterprise MRG
Classification: Red Hat
Component: condor-wallaby-base-db (Show other bugs)
1.3
Unspecified Unspecified
medium Severity medium
: 2.0.1
: ---
Assigned To: Robert Rati
Lubos Trilety
:
Depends On:
Blocks: 723887
  Show dependency treegraph
 
Reported: 2010-11-12 13:09 EST by Robert Rati
Modified: 2011-09-07 12:43 EDT (History)
4 users (show)

See Also:
Fixed In Version: condor-wallaby-base-db-1.14-1
Doc Type: Bug Fix
Doc Text:
C: The remote configuration default database had a number of unneeded security related parameters in several features C: The security parameters could be confusing on a configured node C: Cleaned up the security params in the default db R: Security parameter settings are much more clear
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-09-07 12:43:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1249 normal SHIPPED_LIVE Moderate: Red Hat Enterprise MRG Grid 2.0 security, bug fix and enhancement update 2011-09-07 12:40:45 EDT

  None (edit)
Description Robert Rati 2010-11-12 13:09:34 EST 
Description of problem:
Need to clean up the definitions of the SEC_* params in the default db:
1) The params should have must_change = false
2) <subsys>.SEC_* should be removed from all features in the db

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Robert Rati 2010-11-12 16:59:32 EST 
May also be able to remove claimtobe authentication methods since fs/ntlm is specified.
Comment 2 Robert Rati 2010-11-18 10:21:17 EST 
Also look at making Authentication REQUIRED instead of OPTIONAL.
Comment 3 Robert Rati 2011-06-13 17:34:57 EDT 
Removed all SEC_* params from all features except the Master feature.  Also edited SEC_DEFAULT_AUTHENTICATION_METHODS on the Master feature to include FS and NTLM methods.

All SEC_* params are neither must_change nor needs_restart

Fixed on master
Comment 4 Robert Rati 2011-06-24 11:33:46 EDT 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
C: The remote configuration default database had a number of  unneeded security related parameters in several features
C: The security parameters could be confusing on a configured node
C: Cleaned up the security params in the default db
R: Security parameter settings are much more clear
Comment 6 Lubos Trilety 2011-07-29 05:30:14 EDT 
Tested with:
condor-wallaby-base-db-1.14-1

Tested on:
RHEL5 i386,x86_64
RHEL6 i686,x86_64

SEC_DEFAULT_AUTHENTICATION_METHODS on the Master feature includes also FS
and NTLM methods.
All SEC_* parameters have must_change and needs_restart set to false
Only Master feature contains SEC_* parameters.

>>> VERIFIED
Comment 7 errata-xmlrpc 2011-09-07 12:43:22 EDT 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-1249.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.