#3292 RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup
Closed: Fixed 6 years ago Opened 7 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1414023

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

Current understanding of the development is that this tool should allow customer or a support engineer to:

  • check authentication of the user via selected PAM service (there should be an option) to make sure user+password is corecct
  • check authorization of the user (also via selected PAM service), to make sure IdM HBAC are set correctly
  • check that user identity and extended attributes are readable via DBUS call

This is currently proposed scope of the tool.

With respect to authentication and authorization there is already pam_test_client which currently accepts an action 'auth' or 'acct' and a user name. It currently uses a hardcoded test service but it would be easy to add another command line parameter for the service.


Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
patch: => 0
review: True => 0
selected: =>
summary: Create troubleshooting tool to determine if a failure is in SSSD or not when using layered products like RH-SSO/CFME etc. => RFE: Create troubleshooting tool to check authentication, authorization and extended attribute lookup
testsupdated: => 0
type: defect => enhancement

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.16 Beta
priority: major => minor

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.3

7 years ago

Metadata Update from @sbose:
- Issue assigned to sbose

7 years ago

Metadata Update from @sbose:
- Custom field design_review reset
- Custom field mark reset
- Custom field patch adjusted to on (was: 0)
- Custom field review reset
- Custom field sensitive reset
- Custom field testsupdated reset
- Issue close_status updated to: None

7 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)

6 years ago

Metadata Update from @lslebodn:
- Custom field design_review reset (from false)
- Custom field mark reset (from false)
- Custom field review reset (from false)
- Custom field sensitive reset (from false)
- Custom field testsupdated reset (from false)
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

6 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4325

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata