#982 Improve password policy error message
Closed: Fixed None Opened 10 years ago by sgallagh.

https://bugzilla.redhat.com/show_bug.cgi?id=733409

Description of problem:
Password policy error message should print something better than "Internal Error".

Version-Release number of selected component (if applicable):
sssd-1.5.1-47.el6

How reproducible:
Always

Steps to Reproduce:
1. Add a ldap user without any shadow attributes.
2. Set ldap_pwd_policy = shadow in sssd.conf
3. Try auth as the user.

Actual results:
Auth fails as expected. However, "Internal Error (System error)" appears in the log.

/var/log/sssd/sssd_LDAP.log shows:

<snip>
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [find_password_expiration_attributes] (1): No shadow password attributes found, but shadow password policy was requested.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [get_user_dn] (1): find_password_expiration_attributes failed.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [sdap_handle_release] (8): Trace: sh[0x241b610], connected[1], ops[(nil)], ldap[0x241e270], destructor_lock[0], release_memory[0]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [remove_connection_callback] (9): Successfully removed connection callback.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Backend returned: (3, 4, <NULL>) [Internal Error (System error)]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sending result [4][LDAP]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sent result [4][LDAP]
</snip>

Expected results:
Password policy error message should print something better than "Internal Error (System error)".

Additional info:

Fields changed

coverity: =>
description: https://bugzilla.redhat.com/show_bug.cgi?id=733409

{{{
Description of problem:
Password policy error message should print something better than "Internal Error".

Version-Release number of selected component (if applicable):
sssd-1.5.1-47.el6

How reproducible:
Always

Steps to Reproduce:
1. Add a ldap user without any shadow attributes.
2. Set ldap_pwd_policy = shadow in sssd.conf
3. Try auth as the user.

Actual results:
Auth fails as expected. However, "Internal Error (System error)" appears in the log.

/var/log/sssd/sssd_LDAP.log shows:

<snip>
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [find_password_expiration_attributes] (1): No shadow password attributes found, but shadow password policy was requested.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [get_user_dn] (1): find_password_expiration_attributes failed.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [sdap_handle_release] (8): Trace: sh[0x241b610], connected[1], ops[(nil)], ldap[0x241e270], destructor_lock[0], release_memory[0]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [remove_connection_callback] (9): Successfully removed connection callback.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Backend returned: (3, 4, <NULL>) [Internal Error (System error)]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sending result [4][LDAP]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sent result [4][LDAP]
</snip>

Expected results:
Password policy error message should print something better than "Internal Error (System error)".

Additional info:
}}}
=> https://bugzilla.redhat.com/show_bug.cgi?id=733409

{{{
Description of problem:
Password policy error message should print something better than "Internal Error".

Version-Release number of selected component (if applicable):
sssd-1.5.1-47.el6

How reproducible:
Always

Steps to Reproduce:
1. Add a ldap user without any shadow attributes.
2. Set ldap_pwd_policy = shadow in sssd.conf
3. Try auth as the user.

Actual results:
Auth fails as expected. However, "Internal Error (System error)" appears in the log.

/var/log/sssd/sssd_LDAP.log shows:

<snip>
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [find_password_expiration_attributes] (1): No shadow password attributes found, but shadow password policy was requested.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [get_user_dn] (1): find_password_expiration_attributes failed.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [sdap_handle_release] (8): Trace: sh[0x241b610], connected[1], ops[(nil)], ldap[0x241e270], destructor_lock[0], release_memory[0]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [remove_connection_callback] (9): Successfully removed connection callback.
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Backend returned: (3, 4, <NULL>) [Internal Error (System error)]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sending result [4][LDAP]
(Thu Aug 25 06:22:59 2011) [sssd[be[LDAP]]] [be_pam_handler_callback] (4): Sent result [4][LDAP]
</snip>

Expected results:
Password policy error message should print something better than "Internal Error (System error)".

Additional info:
}}}

owner: somebody => sbose
patch: => 0
rhbz: => 733409
tests: => 0
testsupdated: => 0
upgrade: => 0

Fixed by:
- 24a5dc6 (master)
- 79cbbd1 (sssd-1-6)
- db9f11c (sssd-1-5)

patch: 0 => 1
resolution: => fixed
status: new => closed

Metadata Update from @sgallagh:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.5.13

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2024

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata