Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

winrm: added flag handler for kinit to request forwardable ticket when delegation is set #37815

Merged
merged 1 commit into from Apr 10, 2018
Merged

winrm: added flag handler for kinit to request forwardable ticket when delegation is set #37815

merged 1 commit into from Apr 10, 2018

Conversation

jborean93
Copy link
Contributor

SUMMARY

When ansible_winrm_kerberos_delegation: true is set and Ansible is set to manage the Kerberos tickets, you would expect it to retrieve a forward-able ticket so the delegation actually works. Heimdal does it by default when calling kinit but it seems like MIT krb5 does not. This change adds the -f flag to kinit when ansible_winrm_kerberos_delegation is set to True.

Fixes #37683

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

winrm

ANSIBLE VERSION
devel

@jborean93 jborean93 mentioned this pull request Mar 23, 2018
Closed
@ansibot
Copy link
Contributor

ansibot commented Mar 23, 2018

cc @nitzmahone
click here for bot help

@ansibot ansibot added bug This issue/PR relates to a bug. needs_triage Needs a first human triage before being processed. support:core This issue/PR relates to code supported by the Ansible Engineering Team. windows Windows community labels Mar 23, 2018
@mkrizek mkrizek removed the needs_triage Needs a first human triage before being processed. label Mar 23, 2018
@ansibot ansibot added the stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. label Mar 31, 2018
@nitzmahone nitzmahone merged commit 22f2388 into ansible:devel Apr 10, 2018
@jborean93 jborean93 deleted the winrm-kinit-forwardable branch April 10, 2018 01:06
jborean93 added a commit to jborean93/ansible that referenced this pull request Apr 10, 2018
@jborean93
winrm: added flag handler for kinit to request forwardable ticket whe…
0a6c898 
…n delegation is set (ansible#37815)

(cherry picked from commit 22f2388)
@jborean93 jborean93 mentioned this pull request Apr 10, 2018
Merged
@jborean93
Copy link
Contributor Author

jborean93 commented Apr 10, 2018
edited

Backport to stable-2.5 PR #38508

jborean93 added a commit that referenced this pull request Apr 10, 2018
@jborean93
winrm: backport 2.5 added flag handler for kinit to request forwardab…
0525d4c 
…le ticket when delegation is set (#38508)

* winrm: added flag handler for kinit to request forwardable ticket when delegation is set (#37815)

(cherry picked from commit 22f2388)

* Added changelog fragment
@jborean93 jborean93 mentioned this pull request May 20, 2018
Closed
ilicmilan pushed a commit to ilicmilan/ansible that referenced this pull request Nov 7, 2018
@jborean93 @ilicmilan
winrm: added flag handler for kinit to request forwardable ticket whe…
c433f65 
…n delegation is set (ansible#37815)
@ansible ansible locked and limited conversation to collaborators Apr 27, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@nitzmahone nitzmahone nitzmahone approved these changes

Assignees
No one assigned
Labels
bug This issue/PR relates to a bug. stale_ci This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested. support:core This issue/PR relates to code supported by the Ansible Engineering Team. windows Windows community
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ansible_winrm_kerberos_delegation=true does not request a forwardable ticket
4 participants
@jborean93 @ansibot @nitzmahone @mkrizek