RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 973548 - autofs fips testing
Summary: autofs fips testing
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: autofs
Version: 7.0
Hardware: All
OS: Linux
unspecified
low
Target Milestone: rc
: ---
Assignee: Ian Kent
QA Contact: Filesystem QE
URL:
Whiteboard:
Depends On:
Blocks: 839624
TreeView+ depends on / blocked
 
Reported: 2013-06-12 08:20 UTC by Ian Kent
Modified: 2013-08-05 06:44 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-06-12 08:22:16 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Ian Kent 2013-06-12 08:20:56 UTC
FIPS testing of autofs was carried out against package autofs-5.0.7-19
with the following results:

The automated regression testing did not function when the task
to enable FIPS mode was added.

Manual testing was done by running the autofs Connectathon test
suite and no problems specific to FIPS mode were seen.

Selected tests from the Beaker autofs-workflow regression test
suite (CoreOS/autofs/bugzillas) were manually run:

bz559430 (MD5, ldap, sasl)                      PASS
bz593378 (NIS)                                  PASS
bz443933 (NIS)                                  PASS
bz607785 (TLS)                                  FAIL
bz185443 (SSL)                                  FAIL
bz481139 (Kerberos, SASL)                       FAIL
                                                Unable to run on RHEL-6
                                                server krb5_util create
                                                has changed somehow.

The above result indicates that using SSL, TLS doesn't function.
Given that configuration of the external subsystems for these
features is essentially outside the scope of autofs itself the
functionality may work for a system that is suitably configured.

I was unable to run test bz481139 due to a problem when manually
running the test but given the result of the SSL and TLS function
I expect it will also fail and I'm claiming a FAIL for it.

Comment 1 Ian Kent 2013-06-12 08:25:51 UTC
While it may be worth testing this again when new packages are
imported, particularly for test bz481139, the fact that the
crystallographic configuration is mostly outside autofs itself
I'm closing this WONTFIX.

Comment 2 Ian Kent 2013-08-05 06:44:40 UTC
A new revision, autofs-5.0.7-28, has been imported.
The changes between revision 19 and 28 shouldn't affect the
previous behaviour described in this bug so re-testing has
not been carried out.

The results above still apply.


Note You need to log in before you can comment on or make changes to this bug.