Hide Forgot
Description of problem: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Verify Failure Counter Iteration :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password :: [ LOG ] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ FAIL ] :: User's failed counter is NOT as expected. Got: [0] Expected: [1] :: [ LOG ] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password :: [ LOG ] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ FAIL ] :: User's failed counter is NOT as expected. Got: [0] Expected: [2] :: [ LOG ] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password :: [ LOG ] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ FAIL ] :: User's failed counter is NOT as expected. Got: [0] Expected: [3] :: [ LOG ] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password :: [ LOG ] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ FAIL ] :: User's failed counter is NOT as expected. Got: [0] Expected: [4] :: [ LOG ] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password :: [ LOG ] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ FAIL ] :: User's failed counter is NOT as expected. Got: [0] Expected: [5] :: [ LOG ] :: Duration: 23s :: [ LOG ] :: Assertions: 10 good, 5 bad :: [ FAIL ] :: RESULT: Verify Failure Counter Iteration # kinit jenny Password for jenny: kinit: Password incorrect while getting initial credentials # ipa user-show --all jenny dn: uid=jenny,cn=users,cn=accounts,dc=testrelm,dc=com User login: jenny First name: Jenny Last name: Galipeau Full name: Jenny Galipeau Display name: Jenny Galipeau Initials: JG Home directory: /home/jenny GECOS field: Jenny Galipeau Login shell: /bin/sh Kerberos principal: jenny UID: 809400167 GID: 809400167 Account disabled: False Password: True Member of groups: ipausers Kerberos keys available: True ipauniqueid: 3c26ebd2-4b51-11e1-8ed9-525400d5df12 krbextradata: AAJM8CZPa2FkbWluZEBURVNUUkVMTS5DT00A krblastpwdchange: 20120130193228Z krbloginfailedcount: 0 <================================================ krbpasswordexpiration: 20120429193228Z krbpwdpolicyreference: cn=global_policy,cn=TESTRELM.COM,cn=kerberos,dc=testrelm,dc=com krbticketflags: 128 mepmanagedentry: cn=jenny,cn=groups,cn=accounts,dc=testrelm,dc=com objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, mepOriginEntry # ssh -l jenny localhost jenny@localhost's password: Permission denied, please try again. jenny@localhost's password: Permission denied, please try again. jenny@localhost's password: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password). # ipa user-show --all jenny dn: uid=jenny,cn=users,cn=accounts,dc=testrelm,dc=com User login: jenny First name: Jenny Last name: Galipeau Full name: Jenny Galipeau Display name: Jenny Galipeau Initials: JG Home directory: /home/jenny GECOS field: Jenny Galipeau Login shell: /bin/sh Kerberos principal: jenny UID: 809400167 GID: 809400167 Account disabled: False Password: True Member of groups: ipausers Kerberos keys available: True ipauniqueid: 3c26ebd2-4b51-11e1-8ed9-525400d5df12 krbextradata: AAJM8CZPa2FkbWluZEBURVNUUkVMTS5DT00A krblastpwdchange: 20120130193228Z krbloginfailedcount: 0 <=================================================== krbpasswordexpiration: 20120429193228Z krbpwdpolicyreference: cn=global_policy,cn=TESTRELM.COM,cn=kerberos,dc=testrelm,dc=com krbticketflags: 128 mepmanagedentry: cn=jenny,cn=groups,cn=accounts,dc=testrelm,dc=com objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject, mepOriginEntry Version-Release number of selected component (if applicable): ipa-server-2.2.0-101.20120127T0607zgit6863b8f.el6.x86_64 How reproducible: Steps to Reproduce: 1. see description 2. 3. Actual results: This is a regression Expected results: Additional info:
Upstream ticket: https://fedorahosted.org/freeipa/ticket/2334
Fixed upstream master: 651f9324735d0680c6a56246616932459e15b99d ipa-2-2: 5a087e65e24090ee35153ca183206b2d97748c3a
verified :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Verify Failure Counter Iteration :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: spawn /usr/bin/kinit -V user1 Using default cache: /tmp/krb5cc_0 Using principal: user1 Password for user1: kinit: Password incorrect while getting initial credentials klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0) :: [14:41:14] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password kdestroy: No credentials cache found while destroying cache spawn /usr/bin/kinit -V admin Using default cache: /tmp/krb5cc_0 Using principal: admin Password for admin: Authenticated to Kerberos v5 Default principal: admin :: [14:41:16] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ PASS ] :: User's failed counter is as expected: [1] spawn /usr/bin/kinit -V user1 Using default cache: /tmp/krb5cc_0 Using principal: user1 Password for user1: kinit: Password incorrect while getting initial credentials klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0) :: [14:41:21] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password kdestroy: No credentials cache found while destroying cache spawn /usr/bin/kinit -V admin Using default cache: /tmp/krb5cc_0 Using principal: admin Password for admin: Authenticated to Kerberos v5 Default principal: admin :: [14:41:22] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ PASS ] :: User's failed counter is as expected: [2] spawn /usr/bin/kinit -V user1 Using default cache: /tmp/krb5cc_0 Using principal: user1 Password for user1: kinit: Password incorrect while getting initial credentials klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0) :: [14:41:27] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password kdestroy: No credentials cache found while destroying cache spawn /usr/bin/kinit -V admin Using default cache: /tmp/krb5cc_0 Using principal: admin Password for admin: Authenticated to Kerberos v5 Default principal: admin :: [14:41:29] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ PASS ] :: User's failed counter is as expected: [3] spawn /usr/bin/kinit -V user1 Using default cache: /tmp/krb5cc_0 Using principal: user1 Password for user1: kinit: Password incorrect while getting initial credentials klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0) :: [14:41:34] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password kdestroy: No credentials cache found while destroying cache spawn /usr/bin/kinit -V admin Using default cache: /tmp/krb5cc_0 Using principal: admin Password for admin: Authenticated to Kerberos v5 Default principal: admin :: [14:41:35] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ PASS ] :: User's failed counter is as expected: [4] spawn /usr/bin/kinit -V user1 Using default cache: /tmp/krb5cc_0 Using principal: user1 Password for user1: kinit: Password incorrect while getting initial credentials klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0) :: [14:41:40] :: ERROR: kinit as user1 with password BADPWD failed. :: [ PASS ] :: Kinit as user with invalid password kdestroy: No credentials cache found while destroying cache spawn /usr/bin/kinit -V admin Using default cache: /tmp/krb5cc_0 Using principal: admin Password for admin: Authenticated to Kerberos v5 Default principal: admin :: [14:41:42] :: kinit as admin with password Secret123 was successful. :: [ PASS ] :: Running 'kinitAs admin Secret123' :: [ PASS ] :: User's failed counter is as expected: [5] version :: ipa-server-2.2.0-3.el6.x86_64
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: No documentation needed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html