Learn more about these different git repos.
Other Git URLs
Currently, we behave differently from pam_krb5.so during the pam_account phase. When pam_account calls into SSSD, we should have a kerberos access provider that invokes krb5_kuserok() with the user's principal.
This way, if the local system provides a .k5login file that would restrict access from this user, they are appropriately denied.
This should probably happen only when dealing with remote users, not those on the local console.
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.5.0
owner: somebody => sbose
Fixed by: - 1e29e68 - 0bbe206 - fab9c6a - c3593ef - b872330 - e7a4ea9
fixedin: => 1.5.0 resolution: => fixed status: new => closed
rhbz: => 0
Metadata Update from @sgallagh: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.5.0
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1660
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.