Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1138255
Description of problem: sssd doesn't support time format without minutes and seconds in sudo entries (sudoNotBefore and sudoNotAfter). Minutes and seconds portions are optional according to sudoers.ldap man page. It says: he minute and seconds portions are optional, but some LDAP servers require that they be present (contrary to the RFC). dn: cn=rule_allow,ou=Sudoers,dc=my-domain,dc=com objectClass: top objectClass: sudoRole cn: rule_allow sudoHost: ALL sudoUser: userallowed sudoCommand: ALL sudoNotBefore: 2014090309Z [test]date -u Thu Sep 4 09:27:38 UTC 2014 [test]su - userallowed -c 'sudo true' su: warning: cannot change directory to /home/userallowed: No such file or directory userallowed is not allowed to run sudo on rhel7. This incident will be reported. /var/log/sssd/sssd_sudo.log contains 'Invalid time format in rule [rule_allow]!' Version-Release number of selected component (if applicable): sssd-1.11.2-65.el7 sudo-1.8.6p7-11.el7 How reproducible: always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1138555 (Red Hat Enterprise Linux 6)
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1138255 1138255] => [https://bugzilla.redhat.com/show_bug.cgi?id=1138255 1138255], [https://bugzilla.redhat.com/show_bug.cgi?id=1138555 1138555]
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => milestone: NEEDS_TRIAGE => SSSD 1.15 beta review: True => 0 selected: => testsupdated: => 0
I would just close this as wontfix.
mark: => 0 review: 0 => 1 selected: => Not need sensitive: => 0
We decided we woulnd't implement this RFE because it was opened for more than 2 years without a patch being submitted or anyone being really interested in contributing a patch. Closing.
resolution: => wontfix status: new => closed
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD Future releases (no date set yet)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3474
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.