Bug 889168 - krb5 ticket renewal does not read the renewable tickets from cache
Summary: krb5 ticket renewal does not read the renewable tickets from cache
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.5
Hardware: Unspecified
OS: Unspecified
medium
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks: 895654
TreeView+ depends on / blocked
 
Reported: 2012-12-20 12:19 UTC by Jakub Hrozek
Modified: 2020-05-02 17:12 UTC (History)
5 users (show)

Fixed In Version: sssd-1.9.2-59.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Clone Of:
Environment:
Last Closed: 2013-02-21 09:42:54 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github SSSD sssd issues 2773 0 None None None 2020-05-02 17:12:06 UTC
Red Hat Product Errata RHSA-2013:0508 0 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Jakub Hrozek 2012-12-20 12:19:02 UTC
Description of problem:
Due to an indexing bug in the Kerberos renewal, the ccache files are not read correctly from cache after SSSD startup.

Version-Release number of selected component (if applicable):
1.9

How reproducible:
always

Steps to Reproduce:
1. configure renewable tickets
2. acquire ticket, its path will be saved to the cache
3. service sssd restart
  
Actual results:
the tickets won't be renewed after restart

Expected results:
the tickets should be renewed

Additional info:
upstream has a patch

Comment 1 Jakub Hrozek 2012-12-20 12:21:09 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1731

Comment 3 Kaushik Banerjee 2013-01-04 09:17:10 UTC
Verified in version 1.9.2-59

Output from beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: supportTGTrenewal_004 bz889168 - Does not read renewable ccache at startup.
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[  OK  ]
:: [02:50:26] ::  Sleeping for 5 seconds
spawn ssh -o StrictHostKeyChecking=no testuser1@localhost
testuser1@localhost's password: 
Last login: Fri Jan  4 02:48:06 2013 from localhost
Could not chdir to home directory /home/testuser1: No such file or directory
-bash-4.1$ :: [   PASS   ] :: File '/var/log/sssd/sssd_default.log' should contain 'Checking \[FILE:/tmp/krb5_cache/krb5cc_testuser1\] for renewal at'
Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[  OK  ]
:: [02:50:51] ::  Sleeping for 25 seconds
:: [   PASS   ] :: File '/var/log/sssd/sssd_default.log' should contain 'Checking \[FILE:/tmp/krb5_cache/krb5cc_testuser1\] for renewal at'
:: [02:51:16] ::  Stopping KDC on SERVER and sleeping for 60 seconds
Stopping Kerberos 5 KDC: [  OK  ]

:: [   PASS   ] :: File '/var/log/sssd/sssd_default.log' should contain 'Going offline!'
:: [02:51:47] ::  Starting KDC on SERVER1 and sleeping for 60 seconds
Starting Kerberos 5 KDC: [  OK  ]

:: [   PASS   ] :: File '/var/log/sssd/sssd_default.log' should contain 'Checking \[FILE:/tmp/krb5_cache/krb5cc_testuser1\] for renewal at'
:: [   PASS   ] :: File '/var/log/sssd/sssd_default.log' should contain 'Added \[FILE:/tmp/krb5_cache/krb5cc_testuser1\] for renewal at'
'9ea279a6-c1ed-4947-8bde-2f3ba452bc6b'
supportTGTrenewal-004-bz889168-Does-not-read-renewable-ccache-at-startup- result: PASS

Comment 4 errata-xmlrpc 2013-02-21 09:42:54 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html


Note You need to log in before you can comment on or make changes to this bug.