← Back to team overview

debcrafters-packages team mailing list archive

[Bug 2119081] [NEW] ssd and realm - not able to list effective simple_allow_users from secondary configurations under /etc/sssd/conf.d/

 

Public bug reported:

As per the sssd man page, the configuration from secondary configuration
files in /etc/sssd/conf.d/ folder take precedence over the
/etc/sssd/sssd.conf file settings.

Accordingly, if you have the below in /etc/sssd/sssd.conf
simple_allow_users = userA

and below in /etc/sssd/conf.d/test.conf
simple_allow_users = userB

only 'userB' will have the permission to login. This has been tested and
verified.

But when you list the permitted-logins using the command "realm list", it will always list the below entries from the /etc/sssd/sssd.conf "simple_allow_users" parameter no matter if it was overridden by same parameter from file in /etc/sssd/conf.d/
permitted-logins: userA

This information returned by 'realm list' is incorrect and misleading. If I change the /etc/sssd/sssd.conf entry to below and restart sssd service, "realm list" will update accordingly. 
simple_allow_users = userC

Tested package versions:
sssd - 2.9.4-1.1ubuntu6.2
realmd - 0.17.1-3build2

Bug is reported here as well:
https://gitlab.freedesktop.org/realmd/realmd/-/issues/43

** Affects: realmd (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to realmd in Ubuntu.
https://bugs.launchpad.net/bugs/2119081

Title:
  ssd and realm - not able to list effective simple_allow_users from
  secondary configurations under /etc/sssd/conf.d/

Status in realmd package in Ubuntu:
  New

Bug description:
  As per the sssd man page, the configuration from secondary
  configuration files in /etc/sssd/conf.d/ folder take precedence over
  the /etc/sssd/sssd.conf file settings.

  Accordingly, if you have the below in /etc/sssd/sssd.conf
  simple_allow_users = userA

  and below in /etc/sssd/conf.d/test.conf
  simple_allow_users = userB

  only 'userB' will have the permission to login. This has been tested
  and verified.

  But when you list the permitted-logins using the command "realm list", it will always list the below entries from the /etc/sssd/sssd.conf "simple_allow_users" parameter no matter if it was overridden by same parameter from file in /etc/sssd/conf.d/
  permitted-logins: userA

  This information returned by 'realm list' is incorrect and misleading. If I change the /etc/sssd/sssd.conf entry to below and restart sssd service, "realm list" will update accordingly. 
  simple_allow_users = userC

  Tested package versions:
  sssd - 2.9.4-1.1ubuntu6.2
  realmd - 0.17.1-3build2

  Bug is reported here as well:
  https://gitlab.freedesktop.org/realmd/realmd/-/issues/43

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/2119081/+subscriptions



Follow ups