debcrafters-packages team mailing list archive
-
debcrafters-packages team
-
Mailing list archive
-
Message #04711
[Bug 2119081] [NEW] ssd and realm - not able to list effective simple_allow_users from secondary configurations under /etc/sssd/conf.d/
Public bug reported:
As per the sssd man page, the configuration from secondary configuration
files in /etc/sssd/conf.d/ folder take precedence over the
/etc/sssd/sssd.conf file settings.
Accordingly, if you have the below in /etc/sssd/sssd.conf
simple_allow_users = userA
and below in /etc/sssd/conf.d/test.conf
simple_allow_users = userB
only 'userB' will have the permission to login. This has been tested and
verified.
But when you list the permitted-logins using the command "realm list", it will always list the below entries from the /etc/sssd/sssd.conf "simple_allow_users" parameter no matter if it was overridden by same parameter from file in /etc/sssd/conf.d/
permitted-logins: userA
This information returned by 'realm list' is incorrect and misleading. If I change the /etc/sssd/sssd.conf entry to below and restart sssd service, "realm list" will update accordingly.
simple_allow_users = userC
Tested package versions:
sssd - 2.9.4-1.1ubuntu6.2
realmd - 0.17.1-3build2
Bug is reported here as well:
https://gitlab.freedesktop.org/realmd/realmd/-/issues/43
** Affects: realmd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to realmd in Ubuntu.
https://bugs.launchpad.net/bugs/2119081
Title:
ssd and realm - not able to list effective simple_allow_users from
secondary configurations under /etc/sssd/conf.d/
Status in realmd package in Ubuntu:
New
Bug description:
As per the sssd man page, the configuration from secondary
configuration files in /etc/sssd/conf.d/ folder take precedence over
the /etc/sssd/sssd.conf file settings.
Accordingly, if you have the below in /etc/sssd/sssd.conf
simple_allow_users = userA
and below in /etc/sssd/conf.d/test.conf
simple_allow_users = userB
only 'userB' will have the permission to login. This has been tested
and verified.
But when you list the permitted-logins using the command "realm list", it will always list the below entries from the /etc/sssd/sssd.conf "simple_allow_users" parameter no matter if it was overridden by same parameter from file in /etc/sssd/conf.d/
permitted-logins: userA
This information returned by 'realm list' is incorrect and misleading. If I change the /etc/sssd/sssd.conf entry to below and restart sssd service, "realm list" will update accordingly.
simple_allow_users = userC
Tested package versions:
sssd - 2.9.4-1.1ubuntu6.2
realmd - 0.17.1-3build2
Bug is reported here as well:
https://gitlab.freedesktop.org/realmd/realmd/-/issues/43
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/2119081/+subscriptions
Follow ups