Bug 973548 - autofs fips testing
Summary: autofs fips testing
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: autofs   
(Show other bugs)
Version: 7.0
Hardware: All Linux
Target Milestone: rc
: ---
Assignee: Ian Kent
QA Contact: Filesystem QE
Depends On:
Blocks: 839624
TreeView+ depends on / blocked
Reported: 2013-06-12 08:20 UTC by Ian Kent
Modified: 2013-08-05 06:44 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-06-12 08:22:16 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Ian Kent 2013-06-12 08:20:56 UTC
FIPS testing of autofs was carried out against package autofs-5.0.7-19
with the following results:

The automated regression testing did not function when the task
to enable FIPS mode was added.

Manual testing was done by running the autofs Connectathon test
suite and no problems specific to FIPS mode were seen.

Selected tests from the Beaker autofs-workflow regression test
suite (CoreOS/autofs/bugzillas) were manually run:

bz559430 (MD5, ldap, sasl)                      PASS
bz593378 (NIS)                                  PASS
bz443933 (NIS)                                  PASS
bz607785 (TLS)                                  FAIL
bz185443 (SSL)                                  FAIL
bz481139 (Kerberos, SASL)                       FAIL
                                                Unable to run on RHEL-6
                                                server krb5_util create
                                                has changed somehow.

The above result indicates that using SSL, TLS doesn't function.
Given that configuration of the external subsystems for these
features is essentially outside the scope of autofs itself the
functionality may work for a system that is suitably configured.

I was unable to run test bz481139 due to a problem when manually
running the test but given the result of the SSL and TLS function
I expect it will also fail and I'm claiming a FAIL for it.

Comment 1 Ian Kent 2013-06-12 08:25:51 UTC
While it may be worth testing this again when new packages are
imported, particularly for test bz481139, the fact that the
crystallographic configuration is mostly outside autofs itself
I'm closing this WONTFIX.

Comment 2 Ian Kent 2013-08-05 06:44:40 UTC
A new revision, autofs-5.0.7-28, has been imported.
The changes between revision 19 and 28 shouldn't affect the
previous behaviour described in this bug so re-testing has
not been carried out.

The results above still apply.

Note You need to log in before you can comment on or make changes to this bug.