Ticket #1500 (closed defect: fixed)

Opened 20 months ago

Last modified 20 months ago

SSSD's default ccache location needs to be updated (again), and the man pages should reflect it

Reported by: jhrozek Owned by: jhrozek
Priority: major Milestone: SSSD 1.9.0 beta 7
Component: SSSD Version:
Keywords: Cc:
Blocked By: Blocking:
Tests Updated: no Coverity Bug:
Patch Submitted: yes Red Hat Bugzilla: 851304
Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:

Description

https://bugzilla.redhat.com/show_bug.cgi?id=851304 (Fedora)

Description of problem:
For the sake of packages which follow the advice currently given at
https://fedoraproject.org/wiki/Features/KRB5CacheMove, SSSD should switch from
creating DIR:/run/user/${UID}/ccdir to creating DIR:/run/user/${UID}/krb5cc.
The sssd-krb5(5) man page should also reflect the defaults that we're putting
in place.

Version-Release number of selected component (if applicable):
sssd-1.9.0-17.fc18.beta6

How reproducible:
Always

Steps to Reproduce:
1. Log in using pam_sss for authentication.
2. Use "klist" to check where your credentials have been stored.
3. Check if nfs-utils (see bug #833024 for patch and discussion) and cifs-utils
(bug #848223) can find your credentials.

Actual results:
Both are currently being asked to switch (or have switched) to effectively
globbing using "krb5cc*" to find FILE: and DIR: ccaches where they previously
used "krb5cc_*" as a glob for FILE: ccaches, so a ccache named "ccdir" isn't
going to be found.

Expected results:
Both cifs.upcall and rpc.gssd can find the ccache that SSSD creates.

Change History

comment:1 Changed 20 months ago by jhrozek

  • upgrade set to 0
  • Patch Submitted set
  • Tests Updated unset
  • Milestone changed from NEEDS_TRIAGE to SSSD 1.9.0 beta 7
  • Owner changed from somebody to jhrozek
  • Status changed from new to assigned
  • tests set to 0

comment:2 Changed 20 months ago by jhrozek

  • Resolution set to fixed
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.