Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1741452
Description of problem: Providing an empty smart card PIN (for example by just pressing ENTER on pin prompt) is registered by SSSD as an authentication attempt. This will fail and increase the failed pin count on the card. Empty PIN inputs should not register as an authentication attempt. In other pam modules such as pam_unix and pam_pkcs11 this behaviour is configurable with the 'nullok' parameter. Version-Release number of selected component (if applicable): sssd-2.2.0-1.el8.x86_64 How reproducible: Always Steps to Reproduce: 1. Trigger a smart card authentication with for example sudo or session login 2. Press ENTER without inputting PIN 3. Actual results: SSSD tries to unlock smart card with the empty PIN which fails and increase the failed pin count on the card. Expected results: SSSD should ignore the authentication attempt. Additional info:
Metadata Update from @sbose: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1741452
Metadata Update from @sbose: - Issue assigned to sbose
PR: https://github.com/SSSD/sssd/pull/870
Metadata Update from @sbose: - Custom field patch adjusted to on
Master:
Metadata Update from @sbose: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/5036
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.