Complete
Details
Details
Assignee
Andrew Walker
Andrew WalkerReporter
Pascal Pascher
Pascal PascherLabels
Components
Fix versions
Affects versions
Priority
More fields
More fields
Katalon Platform
Katalon Platform
Created October 23, 2020 at 2:01 PM
Updated July 1, 2022 at 5:00 PM
Resolved November 25, 2020 at 7:36 PM
After upgrading to TrueNAS I noticed the kerberos ticket not refreshing again.
It seems to be the same bug as the one i opened here: https://jira.ixsystems.com/browse/NAS-106286 which had been fixed for 11.3
Applying the fix from https://github.com/freenas/freenas/pull/4856/files to "parse_klist" instead of "_get_cached_klist" (since some code was moved around in the meantime) I was able to get the ticket to renew again ( via /etc/ix.rc.d/ix-kinit renew).
324 @private
325 async def parse_klist(self, data):
326 ad_TGT = []
327 ldap_TGT = []
328
329 ad = data.get("ad")
330 ldap = data.get("ldap")
331 klistin = data.get("klistin")
332 krb5 = KRB5(data.get("krb5type"))
333
334 + if ldap['enable'] and ldap['kerberos_realm']:
335 + ldap_realm = await self.middleware.call('kerberos.realm.query',
336 + [('id', '=', ldap['kerberos_realm'])],
337 + {'get': True})
338
339 if krb5 == KRB5.MIT:
...
...
420 })
421
422 elif ldap['enable'] and ldap['kerberos_realm']:
423 - if ldap['kerberos_realm']['krb_realm'] in client:
423 + if ldap_realm['realm'] in client:
424 ldap_TGT.append({