Uploaded image for project: 'FreeNAS / TrueNAS'
  1. FreeNAS / TrueNAS
  2. NAS-108067

Kerberos Ticket not refreshed (regression)

    XMLWordPrintable

    Details

      Description

      After upgrading to TrueNAS I noticed the kerberos ticket not refreshing again.

      It seems to be the same bug as the one i opened here: https://jira.ixsystems.com/browse/NAS-106286 which had been fixed for 11.3
      Applying the fix from https://github.com/freenas/freenas/pull/4856/files to "parse_klist" instead of "_get_cached_klist" (since some code was moved around in the meantime) I was able to get the ticket to renew again ( via /etc/ix.rc.d/ix-kinit renew).

       

          324     @private
          325     async def parse_klist(self, data):
          326         ad_TGT = []
          327         ldap_TGT = []
          328
          329         ad = data.get("ad")
          330         ldap = data.get("ldap")
          331         klistin = data.get("klistin")
          332         krb5 = KRB5(data.get("krb5type"))
          333
          334  +      if ldap['enable'] and ldap['kerberos_realm']:
          335  +          ldap_realm = await self.middleware.call('kerberos.realm.query',
          336  +                                                  [('id', '=', ldap['kerberos_realm'])],
          337  +                                                  {'get': True})
          338
          339         if krb5 == KRB5.MIT:
      ...
      ...
          420                     })
          421
          422                 elif ldap['enable'] and ldap['kerberos_realm']:
          423  -                  if ldap['kerberos_realm']['krb_realm'] in client:
          423  +                  if ldap_realm['realm'] in client:
          424                         ldap_TGT.append({
      

       

        Attachments

          Attachments

            JEditor

              Activity

                People

                Assignee:
                awalker Andrew Walker
                Reporter:
                ppascher Pascal Pascher
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: