-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add checker for service keytabs #175
Comments
rcritten
added a commit
to rcritten/freeipa-healthcheck
that referenced
this issue
Mar 29, 2023
There are quite a few other keytabs in use in IPA other than just the host keytab. Validate that kinit in that keytab works if the service is configured. Fixes: freeipa#175 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
rcritten
added a commit
to rcritten/freeipa-healthcheck
that referenced
this issue
Apr 28, 2023
There are quite a few other keytabs in use in IPA other than just the host keytab. Validate that kinit in that keytab works if the service is configured. Fixes: freeipa#175 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
rcritten
added a commit
to rcritten/freeipa-healthcheck
that referenced
this issue
Oct 10, 2023
There are quite a few other keytabs in use in IPA other than just the host keytab. Validate that kinit in that keytab works if the service is configured. Fixes: freeipa#175 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
rcritten
added a commit
to rcritten/freeipa-healthcheck
that referenced
this issue
Oct 13, 2023
There are quite a few other keytabs in use in IPA other than just the host keytab. Validate that kinit in that keytab works if the service is configured. Fixes: freeipa#175 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
rcritten
added a commit
to rcritten/freeipa-healthcheck
that referenced
this issue
Oct 16, 2023
There are quite a few other keytabs in use in IPA other than just the host keytab. Validate that kinit in that keytab works if the service is configured. Fixes: freeipa#175 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
rcritten
added a commit
that referenced
this issue
Oct 16, 2023
There are quite a few other keytabs in use in IPA other than just the host keytab. Validate that kinit in that keytab works if the service is configured. Fixes: #175 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Please include checkers for service keytabs to verify that keytabs and KRB5 configuration is working correctly. For example we just had a case of a broken config snippet that could not be read by dirsrv user.
Keytabs
Each checker should be executed with the effective uid and gid of the service. You could use
runuser
:The text was updated successfully, but these errors were encountered: