[NetApp] Missing Kerberos authentication methods for NFS access rules
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Shared File Systems Service (Manila) |
Fix Released
|
Medium
|
Douglas Viroel |
Bug Description
Description
===========
When creating an access rule for a NFS share, which is configured with kerberos authentication, the rule authentication method isn't been properly configured. For kerberos, the access rules must be associated with at least one of the following: krb5, krb5i or krb5p.
This bug was observed on a NetApp backend.
Steps to reproduce
==================
1. Create a security service with Kerberos configuration.
2. Associate the security service to a share network.
3. Create a NFS share using the share network (DHSS=True).
4. Allow access to the share for an IP address.
Expected result
===============
In the storage system, we expect that the new access rules is configured with kerberos authentication methods.
Actual result
=============
The access rule is configure with NFS AUTH_SYS only.
Environment
===========
1. Openstack version: Victoria
2. Storage backend: ONTAP 9.7
3. Network type: Neutron Network Plugin
Changed in manila: | |
importance: | Undecided → Medium |
Changed in manila: | |
assignee: | Douglas Viroel (dviroel) → Zahid Hasan (akkim31) |
status: | New → Fix Released |
Changed in manila: | |
assignee: | Zahid Hasan (akkim31) → Douglas Viroel (dviroel) |
status: | Fix Released → Triaged |
Changed in manila: | |
milestone: | wallaby-2 → wallaby-3 |
Changed in manila: | |
status: | In Progress → Fix Released |
Additional comments http:// eavesdrop. openstack. org/meetings/ manila/ 2020/manila. 2020-12- 10-15.02. log.html