action #61013
closed[sle][security][sle15sp2] FIPS test cases fips_tests_crypt_krb5_kdc failed in fips_setup: "zypper in fips failed, no provider found"
0%
Description
Observation¶
openQA test in scenario sle-15-SP2-Online-x86_64-fips_tests_crypt_krb5_kdc@64bit fails in
fips_setup
FIPS test cases fips_tests_crypt_krb5_kdc failed in fips_setup: "zypper in fips failed, no provider found"
Just guess the multi machine settings may have effect on this.
"NETWORKS" = "fixed"
"NICTYPE" = "tap"
Need more investigation on this.
Test suite description¶
Maintainer: bchou@suse.com
Reproducible¶
Fails since (at least) Build 93.1
Expected result¶
Last good: (unknown) (or more recent)
Further details¶
Always latest result in this scenario: latest
Updated by okurz over 4 years ago
This is an autogenerated message for openQA integration by the openqa_review script:
This bug is still referenced in a failing openQA test: fips_tests_crypt_krb5_client
https://openqa.suse.de/tests/3720868
To prevent further reminder comments one of the following options should be followed:
- The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
- The openQA job group is moved to "Released"
- The label in the openQA scenario is removed
Updated by okurz over 4 years ago
This is an autogenerated message for openQA integration by the openqa_review script:
This bug is still referenced in a failing openQA test: fips_ker_mode_tests_crypt_x11
https://openqa.suse.de/tests/3767315
To prevent further reminder comments one of the following options should be followed:
- The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
- The openQA job group is moved to "Released"
- The label in the openQA scenario is removed
Updated by okurz about 4 years ago
This is an autogenerated message for openQA integration by the openqa_review script:
This bug is still referenced in a failing openQA test: fips_tests_crypt_krb5_client
https://openqa.suse.de/tests/3823540
To prevent further reminder comments one of the following options should be followed:
- The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
- The openQA job group is moved to "Released"
- The label in the openQA scenario is removed
Updated by okurz about 4 years ago
This is an autogenerated message for openQA integration by the openqa_review script:
This bug is still referenced in a failing openQA test: fips_tests_crypt_krb5_client
https://openqa.suse.de/tests/3868316
To prevent further reminder comments one of the following options should be followed:
- The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
- The openQA job group is moved to "Released"
- The label in the openQA scenario is removed
Updated by okurz about 4 years ago
This is an autogenerated message for openQA integration by the openqa_review script:
This bug is still referenced in a failing openQA test: fips_tests_crypt_krb5_kdc
https://openqa.suse.de/tests/3908305
To prevent further reminder comments one of the following options should be followed:
- The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
- The openQA job group is moved to "Released"
- The label in the openQA scenario is removed
Updated by bchou about 4 years ago
- Status changed from New to In Progress
I checked and run the test krb cases were fail via network error, zypper fail about could not connect server. these cases are Multi Machine with the parameter "NETWORKS" = "fixed" , "NICTYPE" = "tap" , I am not sure if it is problem caused from the parameter. The same configure worked fine in SLE12SP5 testing previously.
The 3 machines testing in SLE15 SP2 (Failed)
fips_tests_crypt_krb5_client : https://openqa.suse.de/tests/3930742#step/fips_setup/2
fips_tests_crypt_krb5_kdc : https://openqa.suse.de/tests/3930740#step/fips_setup/2
fips_tests_crypt_krb5_server : https://openqa.suse.de/tests/3930741#step/fips_setup/2
The 3 machines testing in SLE12 SP5 (Passed)
fips_tests_crypt_krb5_client : https://openqa.suse.de/tests/3577098#step/fips_setup/2
fips_tests_crypt_krb5_kdc :https://openqa.suse.de/tests/3576892#step/fips_setup/2
fips_tests_crypt_krb5_server : https://openqa.suse.de/tests/3576913#step/fips_setup/2
Updated by okurz about 4 years ago
This is an autogenerated message for openQA integration by the openqa_review script:
This bug is still referenced in a failing openQA test: fips_tests_crypt_krb5_kdc
https://openqa.suse.de/tests/3983618
To prevent further reminder comments one of the following options should be followed:
- The test scenario is fixed by applying the bug fix to the tested product or the test is adjusted
- The openQA job group is moved to "Released"
- The label in the openQA scenario is removed
Updated by bchou about 4 years ago
- Status changed from In Progress to Resolved
krb cases investigating
After investigating from the openSSL release notes, Kerberos ciphersuite support was removed from openssl 1.1.0l and I think we can adjust the kerberos test cases away from FIPS mode setting. On the other hand, the test cases also can be kept and testing without FIPS mode and also make sure the kerberos general function worked in new product build. We can open a new poo to track this one after testing passed under openQA server.
Verification run:
fips_tests_crypt_krb5_kdc | http://10.100.202.37/tests/650
fips_tests_crypt_krb5_server | http://10.100.202.37/tests/651
fips_tests_crypt_krb5_client | http://10.100.202.37/tests/652