#3198 Incorrect error code returned from krb5_child for expired/locked user with id_provider AD
Closed: Fixed 2 years ago Opened 3 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1385665

Description of problem:

It seems that the exit status has changed causing the following automated test that is used for regression testing to fail.

account-password-policy-003-User-account-disabled
account-password-policy-004-bz1081046-User-account-is-expired


Version-Release number of selected component (if applicable):


How reproducible:
Always


Steps to Reproduce:
1. Run the AD Parameters test
2. The following test cases; account-password-policy-003-User-account-disabled and account-password-policy-004-bz1081046-User-account-is-expired fails.
3.

Actual results:

:: [   FAIL   ] :: File '/var/log/secure' should contain 'User account has expired' 
:: [   FAIL   ] :: Command 'id user1-1478375@sssdad2012r2.com | cut -f2 -d " " | grep group1-1478375' (Expected 0, got 1)

Expected results:

:: [   PASS   ] :: File '/var/log/secure' should contain 'User account has expired' 
:: [   PASS   ] :: Command 'id user1-1478375@sssdad2012r2.com | cut -f2 -d " " | grep group1-1478375' (Expected 0, got 1)

temporarily assigning to Lukas because he has some kind of a patch (even though it might need more work)

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
owner: somebody => lslebodn
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.14.2

I just noticed we said we'd fix this in 1.15, sorry.

milestone: SSSD 1.14.2 => SSSD 1.15 Beta

Fields changed

description: Ticket was cloned from Red Hat Bugzilla (product ''Red Hat Enterprise Linux 7''): [https://bugzilla.redhat.com/show_bug.cgi?id=1378905 Bug 1378905]

{{{
Description of problem:

It seems that the exit status has changed causing the following automated test
that is used for regression testing to fail.

Test suite: ad parameters
Test Case: sss_ssh_knownhostsproxy001: bz 1071823 segfault when HostID back end
target is not configured

NOTE, this is not a blocker, the user is still permitted to login, only the
error code has changed.

Version-Release number of selected component (if applicable):

How reproducible:

Always

Steps to Reproduce:
1. Run ad_parameters test suite

Actual results:

:: [ PASS ] :: Command 'ssh_user_password_login
testuser01-1511559@sssdad.com Secret123' (Expected 0, got 0)
:: [ PASS ] :: File '/var/log/messages' should not contain
'sssd_be[[0-9]*]: segfault'
:: [ FAIL ] :: File '/var/log/sssd/sssd_sssdad.com.log' should contain
'HostID back end target is not configured'

Expected results:

:: [ PASS ] :: Command 'ssh_user_password_login
testuser01-1511559@sssdad.com Secret123' (Expected 0, got 0)
:: [ PASS ] :: File '/var/log/messages' should not contain
'sssd_be[[0-9]*]: segfault'
:: [ PASS ] :: File '/var/log/sssd/sssd_sssdad.com.log' should contain
'HostID back end target is not configured'

Additional info:

Previous patch that caused this bug.

https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org/
thread/OM2BME5DKH3HBD23BB5SC73I5VTATIGD/#FFKZZXSHZXYIC3P6H3P4Z5INSPEZD6MC
}}} => Ticket was cloned from Red Hat Bugzilla (product ''Red Hat Enterprise Linux 7''): [https://bugzilla.redhat.com/show_bug.cgi?id=1385665 Bug 1385665]

{{{
Description of problem:

It seems that the exit status has changed causing the following automated test that is used for regression testing to fail.

account-password-policy-003-User-account-disabled
account-password-policy-004-bz1081046-User-account-is-expired

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
1. Run the AD Parameters test
2. The following test cases; account-password-policy-003-User-account-disabled and account-password-policy-004-bz1081046-User-account-is-expired fails.
3.

Actual results:

:: [ FAIL ] :: File '/var/log/secure' should contain 'User account has expired'
:: [ FAIL ] :: Command 'id user1-1478375@sssdad2012r2.com | cut -f2 -d " " | grep group1-1478375' (Expected 0, got 1)

Expected results:

:: [ PASS ] :: File '/var/log/secure' should contain 'User account has expired'
:: [ PASS ] :: Command 'id user1-1478375@sssdad2012r2.com | cut -f2 -d " " | grep group1-1478375' (Expected 0, got 1)
}}}
summary: Incorrect error code returned from krb5_child for expired/locked user => Incorrect error code returned from krb5_child for expired/locked user with id_provider AD

Metadata Update from @jhrozek:
- Issue assigned to lslebodn
- Issue set to the milestone: SSSD 1.15.3

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset
- Custom field mark reset
- Custom field patch reset
- Custom field review reset
- Custom field sensitive reset
- Custom field testsupdated reset
- Issue close_status updated to: None
- Issue set to the milestone: SSSD 1.15.4 (was: SSSD 1.15.3)

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue tagged with: cleanup-one-sixteen

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue untagged with: cleanup-one-sixteen
- Issue priority set to: minor (was: major)
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)

2 years ago

Since we are required to release a new upstream tarball no later than Friday Oct-20, I'm moving tickets that will not be closed by that date to the next milestone, 1.16.1

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue set to the milestone: SSSD 1.16.1 (was: SSSD 1.16.0)

2 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue tagged with: PR

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue tagged with: postpone-to-2-0

2 years ago

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue untagged with: postpone-to-2-0
- Issue set to the milestone: SSSD 2.0 (was: SSSD 1.16.1)

2 years ago

master:

Metadata Update from @jhrozek:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)

2 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field patch reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue close_status updated to: Fixed
- Issue set to the milestone: SSSD 1.16.1 (was: SSSD 2.0)
- Issue status updated to: Closed (was: Open)

2 years ago

Login to comment on this ticket.

Metadata