#856 Automatic TGT renewal overwrites cached password
Closed: Fixed None Opened 9 years ago by sgallagh.

When the internal ticket renewal process runs, it has the Kerberos credential cache saved into the 'authtok' member attribute of the PAM data. So after it successfully renews the ticket, we're saving this value to the cache.

We need to skip updating the cached password if it's happening during automatic ticket renewal.


Fields changed

description: When the internal ticket renewal process runs,
it has the Kerberos credential cache saved into the 'authtok' member attribute
of the PAM data. So after it successfully renews the ticket, we're saving this
value to the cache.

We need to skip updating the cached password if it's happening during automatic
ticket renewal. => When the internal ticket renewal process runs, it has the Kerberos credential cache saved into the 'authtok' member attribute of the PAM data. So after it successfully renews the ticket, we're saving this value to the cache.

We need to skip updating the cached password if it's happening during automatic ticket renewal.
patch: 0 => 1
status: new => assigned

Fixed by:

master:
- fffdae8
- 08c427f

sssd-1-5:
- da03c01
- 0b2e441

resolution: => fixed
status: assigned => closed

Fields changed

rhbz: => 0

Metadata Update from @sgallagh:
- Issue assigned to sgallagh
- Issue set to the milestone: SSSD 1.5.7

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1898

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata