FIPS testing of autofs was carried out against package autofs-5.0.7-19
with the following results:
The automated regression testing did not function when the task
to enable FIPS mode was added.
Manual testing was done by running the autofs Connectathon test
suite and no problems specific to FIPS mode were seen.
Selected tests from the Beaker autofs-workflow regression test
suite (CoreOS/autofs/bugzillas) were manually run:
bz559430 (MD5, ldap, sasl) PASS
bz593378 (NIS) PASS
bz443933 (NIS) PASS
bz607785 (TLS) FAIL
bz185443 (SSL) FAIL
bz481139 (Kerberos, SASL) FAIL
Unable to run on RHEL-6
server krb5_util create
has changed somehow.
The above result indicates that using SSL, TLS doesn't function.
Given that configuration of the external subsystems for these
features is essentially outside the scope of autofs itself the
functionality may work for a system that is suitably configured.
I was unable to run test bz481139 due to a problem when manually
running the test but given the result of the SSL and TLS function
I expect it will also fail and I'm claiming a FAIL for it.
While it may be worth testing this again when new packages are
imported, particularly for test bz481139, the fact that the
crystallographic configuration is mostly outside autofs itself
I'm closing this WONTFIX.
A new revision, autofs-5.0.7-28, has been imported.
The changes between revision 19 and 28 shouldn't affect the
previous behaviour described in this bug so re-testing has
not been carried out.
The results above still apply.