Learn more about these different git repos.
Other Git URLs
https://bugzilla.redhat.com/show_bug.cgi?id=875740 (Red Hat Enterprise Linux 6)
Description of problem: SSSD ignores options from "defaults" entry in LDAP Version-Release number of selected component (if applicable): libsss_autofs-1.9.2-7.el6.x86_64 sssd-1.9.2-7.el6.x86_64 libsss_sudo-1.9.2-7.el6.x86_64 libsss_idmap-1.9.2-7.el6.x86_64 sssd-client-1.9.2-7.el6.x86_64 sudo-1.8.6p3-5.el6.x86_64 How reproducible: always Steps to Reproduce: 1. Use the attached LDIF file to fill LDAP directory 2. Use the attached sssd.conf as the base for client configuration 3. Execute "su -c 'sudo -u user2 whoami' user1" as root Actual results: sudo: no tty present and no askpass program specified Expected results: user2 Additional info: If the sudoOption attributes are moved to the cn=test entry instead, sudo behaves as documented.
cn=defaults is a special rule that contains default options. This rule doesn't have to have sudoHost attribute specified which was unexpected (it is mandatory on other rules). We need to amend filter in provider so we don't require this attribute on cn=defaults rule.
blockedby: => blocking: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => owner: somebody => pbrezina status: new => assigned testsupdated: => 0
Fields changed
patch: 0 => 1
This is quite important to get in and there is a patch available. Moving to 1.9.3
milestone: NEEDS_TRIAGE => SSSD 1.9.3
resolution: => fixed status: assigned => closed
Metadata Update from @pbrezina: - Issue assigned to pbrezina - Issue set to the milestone: SSSD 1.9.3
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2682
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.