#3933 HBAC: Always allow the systemd-user service
Closed: cloned-to-github 2 years ago by pbrezina. Opened 3 years ago by jhrozek.

As the user-scoped systemd sessions run pam_acct_mgmt('systemd-user') we should just allow this service. See e.g. discussion in ticket #3932.


btw we should have a way for distributions to opt-out of this, maybe if systemd is selected as the init systemd, this feature could be enabled by default?

May be. On a similar note, perhaps, enabling system-auth PAM service by default in ipa_server_mode = True would be good too?

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1680580

3 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.1

3 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.2 (was: SSSD 2.1)

3 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.3 (was: SSSD 2.2)

2 years ago

Metadata Update from @thalman:
- Issue tagged with: bugzilla

2 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4913

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @pbrezina:
- Issue close_status updated to: cloned-to-github
- Issue status updated to: Closed (was: Open)

2 years ago

Login to comment on this ticket.

Metadata