2024-01-11 14:47:16 |
Fabio Augusto Miranda Martins |
bug |
|
|
added bug |
2024-01-12 00:53:46 |
Launchpad Janitor |
adsys (Ubuntu): status |
New |
Confirmed |
|
2024-01-15 06:17:46 |
Thomas Bechtold |
bug |
|
|
added subscriber Thomas Bechtold |
2024-01-29 10:18:45 |
Jean-Baptiste Lallement |
adsys (Ubuntu): importance |
Undecided |
Critical |
|
2024-01-29 10:18:55 |
Jean-Baptiste Lallement |
adsys (Ubuntu): status |
Confirmed |
Triaged |
|
2024-01-29 10:19:13 |
Jean-Baptiste Lallement |
adsys (Ubuntu): assignee |
|
Gabriel Nagy (gabuscus) |
|
2024-03-28 08:03:45 |
Launchpad Janitor |
adsys (Ubuntu): status |
Triaged |
Fix Released |
|
2024-06-26 13:10:01 |
Gabriel Nagy |
description |
In an environment where /etc/krb5.conf sets "default_ccache_name = FILE:/tmp/krb5cc_%{uid}" and you don't have the KRB5CCNAME variable set, running "adsysctl update" with a AD domain user will fail.
If you either export the variable with the path to the kerberos ticket OR run the command "adsysctl update <user@domain> <path_to_kerberos_ticket>" it works.
The adsysctl command should fallback to the default location when KRB5CCNAME is not defined or have a mechanism to query klist and find the Kerberos tickets location.
Given that adsys can't find Kerberos tickets when `klist` does. It seems like a feature parity issue, granted, an edge case.
Here is an example of a reproducer:
https://pastebin.ubuntu.com/p/FjyTWQChjM/
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: adsys 0.9.2~22.04.2
ProcVersionSignature: Ubuntu 6.2.0-1014.14~22.04.1-aws 6.2.16
Uname: Linux 6.2.0-1014-aws x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: unknown
CloudArchitecture: x86_64
CloudID: aws
CloudName: aws
CloudPlatform: ec2
CloudRegion: us-west-2
CloudSubPlatform: metadata (http://169.254.169.254)
CurrentDesktop: ubuntu:GNOME
Date: Thu Jan 11 11:39:06 2024
Ec2AMI: ami-00094f7041bb1b79d
Ec2AMIManifest: (unknown)
Ec2Architecture: x86_64
Ec2AvailabilityZone: us-west-2b
Ec2Imageid: ami-00094f7041bb1b79d
Ec2InstanceType: t3.large
Ec2Instancetype: t3.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Ec2Region: us-west-2
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_US.utf8
SHELL=/bin/bash
RebootRequiredPkgs: Error: path contained symlinks.
RelatedPackageVersions:
sssd 2.6.3-1ubuntu3.2
python3-samba 2:4.15.13+dfsg-0ubuntu1.5
SourcePackage: adsys
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf: [deleted]
modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: [deleted] |
This bug is not being verified individually because of the use of the SRU exception process (LP: #2059756)
-----
In an environment where /etc/krb5.conf sets "default_ccache_name = FILE:/tmp/krb5cc_%{uid}" and you don't have the KRB5CCNAME variable set, running "adsysctl update" with a AD domain user will fail.
If you either export the variable with the path to the kerberos ticket OR run the command "adsysctl update <user@domain> <path_to_kerberos_ticket>" it works.
The adsysctl command should fallback to the default location when KRB5CCNAME is not defined or have a mechanism to query klist and find the Kerberos tickets location.
Given that adsys can't find Kerberos tickets when `klist` does. It seems like a feature parity issue, granted, an edge case.
Here is an example of a reproducer:
https://pastebin.ubuntu.com/p/FjyTWQChjM/
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: adsys 0.9.2~22.04.2
ProcVersionSignature: Ubuntu 6.2.0-1014.14~22.04.1-aws 6.2.16
Uname: Linux 6.2.0-1014-aws x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: unknown
CloudArchitecture: x86_64
CloudID: aws
CloudName: aws
CloudPlatform: ec2
CloudRegion: us-west-2
CloudSubPlatform: metadata (http://169.254.169.254)
CurrentDesktop: ubuntu:GNOME
Date: Thu Jan 11 11:39:06 2024
Ec2AMI: ami-00094f7041bb1b79d
Ec2AMIManifest: (unknown)
Ec2Architecture: x86_64
Ec2AvailabilityZone: us-west-2b
Ec2Imageid: ami-00094f7041bb1b79d
Ec2InstanceType: t3.large
Ec2Instancetype: t3.large
Ec2Kernel: unavailable
Ec2Ramdisk: unavailable
Ec2Region: us-west-2
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_US.utf8
SHELL=/bin/bash
RebootRequiredPkgs: Error: path contained symlinks.
RelatedPackageVersions:
sssd 2.6.3-1ubuntu3.2
python3-samba 2:4.15.13+dfsg-0ubuntu1.5
SourcePackage: adsys
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.polkit-1.localauthority.conf.d.99-adsys-privilege-enforcement.conf: [deleted]
modified.conffile..etc.sudoers.d.99-adsys-privilege-enforcement: [deleted] |
|
2024-06-28 20:41:35 |
Steve Langasek |
adsys (Ubuntu Jammy): status |
New |
Fix Committed |
|
2024-06-28 20:41:36 |
Steve Langasek |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2024-06-28 20:41:38 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2024-06-28 20:41:40 |
Steve Langasek |
tags |
amd64 apport-bug ec2-images jammy |
amd64 apport-bug ec2-images jammy verification-needed verification-needed-jammy |
|
2024-07-04 12:03:19 |
Gabriel Nagy |
tags |
amd64 apport-bug ec2-images jammy verification-needed verification-needed-jammy |
amd64 apport-bug ec2-images jammy verification-done verification-done-jammy |
|
2024-07-04 18:34:17 |
Andreas Hasenack |
adsys (Ubuntu Mantic): status |
New |
Fix Committed |
|
2024-07-04 18:34:23 |
Andreas Hasenack |
tags |
amd64 apport-bug ec2-images jammy verification-done verification-done-jammy |
amd64 apport-bug ec2-images jammy verification-done-jammy verification-needed verification-needed-mantic |
|
2024-07-05 08:17:27 |
Gabriel Nagy |
tags |
amd64 apport-bug ec2-images jammy verification-done-jammy verification-needed verification-needed-mantic |
amd64 apport-bug ec2-images jammy verification-done verification-done-jammy verification-done-mantic |
|
2024-07-09 18:11:25 |
Launchpad Janitor |
adsys (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
2024-07-09 18:11:25 |
Launchpad Janitor |
cve linked |
|
2024-3094 |
|
2024-07-09 18:12:08 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2024-07-25 20:39:20 |
Brian Murray |
adsys (Ubuntu Mantic): status |
Fix Committed |
Won't Fix |
|