Hello all,
I'm trying to get katello (running on centos7) to work with freeipa and libvirt.
Now I got libvirt already configured to accept kerberized authentication using sasl and gssapi. Now I want to try to get the foreman (katello) to use a keytab through gssproxy, but sadly ran into a dependency problem with the gssproxy package.
I wanted to try to use gssproxy, since the suggesyed solution using a ssh-key that grants root access without password is kinda ugly if you ask me ( remote root via ssh beeing one fo the uglies, full root acces when only libvirt access is required beeing another ). explained here : http://theforeman.org/manuals/1.6/index.html#5.2.5LibvirtNotes
When I try to install gssproxy on my katello machine it tells me that it only works with a specific version of certain packages :
Error: Package: gssproxy-0.3.0-9.el7.x86_64 (base) Requires: libcollection.so.2()(64bit) Available: libcollection-0.6.2-22.el7.x86_64 (base) libcollection.so.2()(64bit) Installed: libcollection-0.6.2-23.el7.centos.x86_64 (@adelton-identity_demo) ~libcollection.so.4()(64bit) Error: Package: gssproxy-0.3.0-9.el7.x86_64 (base) Requires: libini_config.so.3()(64bit) Available: libini_config-1.0.0.1-22.el7.x86_64 (base) libini_config.so.3()(64bit) Installed: libini_config-1.1.0-23.el7.centos.x86_64 (@adelton-identity_demo) ~libini_config.so.5()(64bit
Ofcourse this is not so weird since katello requires quite a few non default repositories to work properly and even some more if you wish to integrate it with freeipa.
The culprit in this case is the 'adelton-identity_demo' repository which is required to get the authentication from freeipa to work in katello. ( explained here : http://theforeman.org/manuals/1.6/index.html#5.7.3KerberosSingleSign-On )
So the two packages are libcollection and libini_config
As you can see below they are both from the adelton repo.
Since they are both only a minor realease above the required package, does it break gssproxy if I ignore those dependencies ?
Rob
yum list --showduplicates libini_config <snip> Installed Packages libini_config.x86_64 1.1.0-23.el7.centos @adelton-identity_demo Available Packages libini_config.i686 1.0.0.1-22.el7 base libini_config.x86_64 1.0.0.1-22.el7 base libini_config.x86_64 1.1.0-23.el7.centos adelton-identity_demo
yum list --showduplicates libcollection <snip> Installed Packages libcollection.x86_64 0.6.2-23.el7.centos @adelton-identity_demo Available Packages libcollection.i686 0.6.2-22.el7 base libcollection.x86_64 0.6.2-22.el7 base libcollection.x86_64 0.6.2-23.el7.centos adelton-identity_demo