#1701 sudo denies access with disabled ldap_sudo_use_host_filter
Closed: Fixed None Opened 7 years ago by jhrozek.

https://bugzilla.redhat.com/show_bug.cgi?id=885105 (Red Hat Enterprise Linux 6)

Description of problem:
sudo denies access when ldap_sudo_use_host_filter is disabled. Also, it seems
the "defaults" entry is ignored.

Version-Release number of selected component (if applicable):
sssd-client-1.9.2-34.el6.x86_64
sudo-1.8.6p3-6.el6.x86_64
libsss_idmap-1.9.2-34.el6.x86_64
sssd-1.9.2-34.el6.x86_64
libsss_sudo-1.9.2-34.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. Use the attached "sudo_host_filter_test.ldif" file to fill LDAP directory.
2. Use the attached "sssd.conf" file as the base for SSSD configuration.
3. Execute "su -c 'sudo -u user2 true' user1 && echo allowed || echo denied" as
root.

Actual results:
sudo: no tty present and no askpass program specified
denied

Expected results:
allowed

blockedby: =>
blocking: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
milestone: NEEDS_TRIAGE => SSSD 1.9.4
patch: 0 => 1
resolution: => fixed
status: new => closed
testsupdated: => 0

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.9.4

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2743

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata