#1640 "defaults" entry ignored
Closed: Fixed None Opened 9 years ago by pbrezina.

https://bugzilla.redhat.com/show_bug.cgi?id=875740 (Red Hat Enterprise Linux 6)

Description of problem:
SSSD ignores options from "defaults" entry in LDAP

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Use the attached LDIF file to fill LDAP directory
2. Use the attached sssd.conf as the base for client configuration
3. Execute "su -c 'sudo -u user2 whoami' user1" as root

Actual results:
sudo: no tty present and no askpass program specified

Expected results:

Additional info:
If the sudoOption attributes are moved to the cn=test entry instead, sudo
behaves as documented.

cn=defaults is a special rule that contains default options. This rule doesn't have to have sudoHost attribute specified which was unexpected (it is mandatory on other rules). We need to amend filter in provider so we don't require this attribute on cn=defaults rule.

blockedby: =>
blocking: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
owner: somebody => pbrezina
status: new => assigned
testsupdated: => 0

Fields changed

patch: 0 => 1

This is quite important to get in and there is a patch available. Moving to 1.9.3

milestone: NEEDS_TRIAGE => SSSD 1.9.3

resolution: => fixed
status: assigned => closed

Metadata Update from @pbrezina:
- Issue assigned to pbrezina
- Issue set to the milestone: SSSD 1.9.3

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2682

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.