Issue #2432: RFE: sssd should support time format without minutes and seconds in sudo entries - sssd

SSSD / sssd

#2432 RFE: sssd should support time format without minutes and seconds in sudo entries

Closed: Invalid None Opened 9 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1138255

Description of problem:
sssd doesn't support time format without minutes and seconds in sudo entries
(sudoNotBefore and sudoNotAfter).

Minutes and seconds portions are optional according to sudoers.ldap man page.
It says:
he minute and seconds portions are optional, but some LDAP servers require that
they be present (contrary to the RFC).


dn: cn=rule_allow,ou=Sudoers,dc=my-domain,dc=com
objectClass: top
objectClass: sudoRole
cn: rule_allow
sudoHost: ALL
sudoUser: userallowed
sudoCommand: ALL
sudoNotBefore: 2014090309Z

[test]date -u
Thu Sep  4 09:27:38 UTC 2014

[test]su - userallowed -c 'sudo true'
su: warning: cannot change directory to /home/userallowed: No such file or
directory
userallowed is not allowed to run sudo on rhel7.  This incident will be
reported.

/var/log/sssd/sssd_sudo.log contains 'Invalid time format in rule
[rule_allow]!'

Version-Release number of selected component (if applicable):
sssd-1.11.2-65.el7
sudo-1.8.6p7-11.el7

How reproducible:
always

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

jhrozek commented 9 years ago

Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1138555 (Red Hat Enterprise Linux 6)

rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1138255 1138255] => [https://bugzilla.redhat.com/show_bug.cgi?id=1138255 1138255], [https://bugzilla.redhat.com/show_bug.cgi?id=1138555 1138555]

jhrozek commented 9 years ago

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
milestone: NEEDS_TRIAGE => SSSD 1.15 beta
review: True => 0
selected: =>
testsupdated: => 0

jhrozek commented 7 years ago

I would just close this as wontfix.

mark: => 0
review: 0 => 1
selected: => Not need
sensitive: => 0

jhrozek commented 7 years ago

We decided we woulnd't implement this RFE because it was opened for more than 2 years without a patch being submitted or anyone being really interested in contributing a patch. Closing.

resolution: => wontfix
status: new => closed

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD Future releases (no date set yet)

7 years ago

pbrezina commented 3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3474

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

major

Milestone

SSSD Future releases (no date set yet)

type

enhancement

component

SSSD

version

None

selected

Not need

testsupdated

patch

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=1138255, https://bugzilla.redhat.com/show_bug.cgi?id=1138555

design_review

review

changelog

None

keywords

None

coverity

None

mark

blocking

None

design

None

sensitive

None

blockedby

None

feature_milestone

None

SSSD / sssd

Source Code

Documentation

#2432 RFE: sssd should support time format without minutes and seconds in sudo entries Closed: Invalid None Opened 9 years ago by jhrozek.

Metadata

#2432 RFE: sssd should support time format without minutes and seconds in sudo entries

Closed: Invalid None Opened 9 years ago by jhrozek.