ok, I'm unable to reproduce this with unpatched 5.1.9. It's not required to reproduce the bug to fix this in oracular, but for an SRU, I would need a test case.
What I tried: - created a principal (with the default name as expected by autofs) with a 60s ticket life time: sudo kadmin.local getprinc autofsclient/$(hostname) Principal: autofsclient/[email protected] Expiration date: [never] Last password change: Mon Aug 19 17:17:56 UTC 2024 Password expiration date: [never] Maximum ticket life: 0 days 00:01:00 Maximum renewable life: 7 days 00:00:00 Last modified: Mon Aug 19 17:56:28 UTC 2024 (root/[email protected]) Last successful authentication: Mon Aug 19 18:13:12 UTC 2024 Last failed authentication: [never] Failed password attempts: 0 Number of keys: 2 Key: vno 2, aes256-cts-hmac-sha1-96 Key: vno 2, aes128-cts-hmac-sha1-96 MKey: vno 1 Attributes: REQUIRES_PRE_AUTH Policy: [none] - exported that principal into the keytab: $ sudo klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 2 ldap/[email protected] 2 ldap/[email protected] 2 autofsclient/[email protected] 2 autofsclient/[email protected] - configured autofs timeout to 30s: $ grep ^timeout /etc/autofs.conf timeout = 30 - /etc/autofs_ldap_auth.conf: <autofs_ldap_sasl_conf usetls="no" tlsrequired="no" authrequired="yes" authtype="GSSAPI" clientprinc="autofsclient/[email protected]" /> - setup indirect mount in ldap, such that "ls -la /mnt/storage" will try to "mount localhost:/storage /mnt" - that works, and after 30s, the mountpoint is removed, and after 1min I can just repeat the ls, and it will be mounted again, so getting the kerberos auth working works I'm missing where the renewal is happening. It looks like autofs is just getting another tgt using the keytab, not caring about renewal, which makes sense. I'm missing something in this bug. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2074003 Title: autofs fails to renew Kerberos ticket To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/autofs/+bug/2074003/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
