Learn more about these different git repos.
Other Git URLs
Currently the list of PAM services where Smartcard authentication is considered is hardcoded. It should be maked configurable at compile and run-time
Fields changed
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1298627 1298627]
milestone: NEEDS_TRIAGE => SSSD 1.14 alpha
Lukas agreed on sssd-devel that he would like to work on this ticket, reassigning.
owner: sbose => lslebodn
resolution: => fixed status: new => closed
Ugh, sorry, wrong ticket :-(
resolution: fixed => status: closed => reopened
patch: 0 => 1
Need to release the Alpha tarball today.
milestone: SSSD 1.14 alpha => SSSD 1.14 beta
Need to release the Beta tarball today.
milestone: SSSD 1.14 beta => SSSD 1.14.0
Downstream BZ -> increase in priority.
priority: major => critical
1.14.0 is about to be released.
milestone: SSSD 1.14.0 => SSSD 1.14.1
milestone: SSSD 1.14.1 => SSSD 1.14.2
It's not clear to me if this ticket needs to stay in 1.14 or can be fixed in 1.15 or even later. Moving to triage.
milestone: SSSD 1.14.2 => NEEDS_TRIAGE
Can you please elaborate what does it mean it is hardcoded? What is the current user experience? In which cases user is expected to use his SC and in which cases not?
I only had a few comments about the latest patch on the list, so it might be possible to still add it to 1.14.
Dmitri, the current hardcoded list include "login", "su", "su-l", "gdm-smartcard", "gdm-password", "kdm", "sudo", "sudo-i" and "gnome-screensaver" which are the services on Fedora and RHEL where we think it makes sense to allow Smartcard authentication. Making this list configurable will allow other distributions to use different names for some of the PAM services and make it easier to support now services like e.g. other window managers.
FWIW, I'm absolutely not opposed to us pushing the patch when it's finished. The only thing I disliked was seeing 30+ open tickets in the 1.14 milestone when we're already planning the 1.15 one. I just didn't want us to lose focus and forget about tickets.
OK, moving back to 1.14, because the patch is close to being done and it might benefit other distributions, in particular Ubuntu that uses a different login manager than GDM by default.
milestone: NEEDS_TRIAGE => SSSD 1.14.2
Moving tickets that didn't make it into the 1.14.2 release into the next point release.
milestone: SSSD 1.14.2 => SSSD 1.14.3
Metadata Update from @sbose: - Issue assigned to lslebodn - Issue set to the milestone: SSSD 1.14.3
master: 93caaf2
Metadata Update from @fidencio: - Custom field design_review reset (from 0) - Custom field mark reset (from 0) - Custom field patch adjusted to on (was: 1) - Custom field review reset (from 0) - Custom field sensitive reset (from 0) - Custom field testsupdated reset (from 0) - Issue close_status updated to: None
Metadata Update from @fidencio: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false) - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Metadata Update from @jhrozek: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false) - Issue set to the milestone: SSSD 2.0 (was: SSSD 1.14.3)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3967
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Log in to comment on this ticket.