Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make list of local PAM services allowed for Smartcard authentication configurable #3967

Closed
sssd-bot opened this issue May 2, 2020 · 0 comments
Labels
Bugzilla Closed: Fixed Issue was closed as fixed.

Comments

@sssd-bot
Copy link

sssd-bot commented May 2, 2020

Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/2926


Currently the list of PAM services where Smartcard authentication is considered is hardcoded. It should be maked configurable at compile and run-time

Comments


Comment from jhrozek at 2016-01-14 16:37:10

Fields changed

rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1298627 1298627]


Comment from jhrozek at 2016-01-14 16:48:56

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.14 alpha


Comment from jhrozek at 2016-01-20 09:21:51

Lukas agreed on sssd-devel that he would like to work on this ticket, reassigning.

owner: sbose => lslebodn


Comment from jhrozek at 2016-01-20 09:25:38

resolution: => fixed
status: new => closed


Comment from jhrozek at 2016-01-20 09:26:08

Ugh, sorry, wrong ticket :-(

resolution: fixed =>
status: closed => reopened


Comment from lslebodn at 2016-01-20 13:49:11

Fields changed

patch: 0 => 1


Comment from jhrozek at 2016-06-20 12:11:19

Need to release the Alpha tarball today.

milestone: SSSD 1.14 alpha => SSSD 1.14 beta


Comment from jhrozek at 2016-06-27 10:56:54

Need to release the Beta tarball today.

milestone: SSSD 1.14 beta => SSSD 1.14.0


Comment from jhrozek at 2016-06-27 11:08:50

Downstream BZ -> increase in priority.

priority: major => critical


Comment from jhrozek at 2016-07-07 18:01:20

1.14.0 is about to be released.

milestone: SSSD 1.14.0 => SSSD 1.14.1


Comment from lslebodn at 2016-08-08 14:46:09

Fields changed

milestone: SSSD 1.14.1 => SSSD 1.14.2


Comment from jhrozek at 2016-10-05 22:04:19

It's not clear to me if this ticket needs to stay in 1.14 or can be fixed in 1.15 or even later. Moving to triage.

milestone: SSSD 1.14.2 => NEEDS_TRIAGE


Comment from dpal at 2016-10-06 01:19:54

Can you please elaborate what does it mean it is hardcoded? What is the current user experience? In which cases user is expected to use his SC and in which cases not?


Comment from sbose at 2016-10-06 09:30:39

I only had a few comments about the latest patch on the list, so it might be possible to still add it to 1.14.

Dmitri, the current hardcoded list include "login", "su", "su-l", "gdm-smartcard", "gdm-password", "kdm", "sudo", "sudo-i" and "gnome-screensaver" which are the services on Fedora and RHEL where we think it makes sense to allow Smartcard authentication. Making this list configurable will allow other distributions to use different names for some of the PAM services and make it easier to support now services like e.g. other window managers.


Comment from jhrozek at 2016-10-06 10:27:17

FWIW, I'm absolutely not opposed to us pushing the patch when it's finished. The only thing I disliked was seeing 30+ open tickets in the 1.14 milestone when we're already planning the 1.15 one. I just didn't want us to lose focus and forget about tickets.


Comment from jhrozek at 2016-10-07 10:56:53

OK, moving back to 1.14, because the patch is close to being done and it might benefit other distributions, in particular Ubuntu that uses a different login manager than GDM by default.

milestone: NEEDS_TRIAGE => SSSD 1.14.2


Comment from jhrozek at 2016-10-19 21:34:38

Moving tickets that didn't make it into the 1.14.2 release into the next point release.

milestone: SSSD 1.14.2 => SSSD 1.14.3


Comment from sbose at 2017-02-24 14:51:39

Metadata Update from @sbose:

  • Issue assigned to lslebodn
  • Issue set to the milestone: SSSD 1.14.3

Comment from fidencio at 2018-08-13 16:20:14

master:
93caaf2


Comment from fidencio at 2018-08-13 16:20:15

Metadata Update from @fidencio:

  • Custom field design_review reset (from 0)
  • Custom field mark reset (from 0)
  • Custom field patch adjusted to on (was: 1)
  • Custom field review reset (from 0)
  • Custom field sensitive reset (from 0)
  • Custom field testsupdated reset (from 0)
  • Issue close_status updated to: None

Comment from fidencio at 2018-08-13 16:20:37

Metadata Update from @fidencio:

  • Custom field design_review reset (from false)
  • Custom field mark reset (from false)
  • Custom field review reset (from false)
  • Custom field sensitive reset (from false)
  • Custom field testsupdated reset (from false)
  • Issue close_status updated to: Fixed
  • Issue status updated to: Closed (was: Open)

Comment from jhrozek at 2018-08-14 12:15:20

Metadata Update from @jhrozek:

  • Custom field design_review reset (from false)
  • Custom field mark reset (from false)
  • Custom field review reset (from false)
  • Custom field sensitive reset (from false)
  • Custom field testsupdated reset (from false)
  • Issue set to the milestone: SSSD 2.0 (was: SSSD 1.14.3)
@sssd-bot sssd-bot added Bugzilla Closed: Fixed Issue was closed as fixed. labels May 2, 2020
@sssd-bot sssd-bot closed this as completed May 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bugzilla Closed: Fixed Issue was closed as fixed.
Projects
None yet
Development

No branches or pull requests

1 participant