#3797 When AD provider is offline, usercertmap fails
Closed: worksforme 4 years ago by jhrozek. Opened 5 years ago by firstyear.

When using a userCertificate following the instructions at https://fy.blackhats.net.au/blog/html/2018/02/27/smartcards_and_you_how_to_make_them_work_on_fedora_rhel.html (except with AD, not LDAP), the userCertificate cannot be accessed if the backend provider is offline.

This manifests in two ways. After a reboot, the provider requests a password, even if the CCID is connected (not the PIN for CCID auth).

```
# opensc-tool -l
# Detected readers (pcsc)
Nr.  Card  Features  Name
0    No              Alcor Micro AU9560 00 00
1    Yes             Yubico Yubikey 4 OTP+U2F+CCID 01 00
```

If you move from online to offline, i.e. suspend/resume, SSSD will go into an infinite loop and will cause GDM to hang indefinitely.

This is rather easy to reproduce given the configuration.


sssd-1.16.2-1.1.x86_64 openSUSE tumbleweed

So far we agreed to fix this in the 2.x branch and backport later. Thank you for the bug report.

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.1

4 years ago

Hi @firstyear,

I cannot reproduce the issue with a current version of SSSD. Tumbleweed now has SSSD-2.0, do you still see this issue with a recent version of Tumbleweed? If that's the case, can you attach logs?

bye,
Sumit

I'm going to close this issue since there was no reply for 4 months. Please reopen later if this ticket is still valid.

Metadata Update from @jhrozek:
- Issue close_status updated to: worksforme
- Issue status updated to: Closed (was: Open)

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4793

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.
