Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve reliability of smartcard_auth remediation #1967

Merged
merged 1 commit into from Apr 28, 2017
Merged

Improve reliability of smartcard_auth remediation #1967

merged 1 commit into from Apr 28, 2017

Conversation

yuumasato
Copy link
Member

Avoid adding
'auth [success=done authinfo_unavail=ignore ignore=ignore default=die]
pam_pkcs11.so nodebug'
after every occurence of
'auth [success=1 default=ignore] pam_succeed_if.so service notin
login:gdm:xdm:kdm:xscreensaver:gnome-screensaver:kscreensaver quiet use_uid'

There can be situations in witch the PAM stack is already configured
with a pam_succeed_if.so module exactly like that.

Addresses comment 9 of https://bugzilla.redhat.com/show_bug.cgi?id=1357019

@yuumasato
Improve reliability of smartcard_auth remediation
0f1745b 
Avoid adding
'auth [success=done authinfo_unavail=ignore ignore=ignore default=die]
pam_pkcs11.so nodebug'
after every occurence of
'auth [success=1 default=ignore] pam_succeed_if.so service notin
login:gdm:xdm:kdm:xscreensaver:gnome-screensaver:kscreensaver quiet use_uid'

There can be situations in witch the PAM stack is already configured
with a pam_succeed_if.so module exactly like that.

Addresses comment 9 of https://bugzilla.redhat.com/show_bug.cgi?id=1357019
@yuumasato yuumasato added this to the 0.1.33 milestone Apr 25, 2017
@yuumasato yuumasato requested a review from dahaic April 26, 2017 08:34
@yuumasato
Copy link
Member Author

@dahaic Since you were working on this previously, could you share your thoughts on it?
Thank you.

@dahaic
Copy link
Contributor

dahaic commented Apr 28, 2017

Thank you, this patch addresses my comment perfectly.

@dahaic dahaic merged commit cba0030 into ComplianceAsCode:master Apr 28, 2017
@yuumasato yuumasato deleted the rhel7-smartcard_auth-rem_fix branch April 28, 2017 12:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dahaic dahaic dahaic approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.1.33
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@yuumasato @dahaic