-
Notifications
You must be signed in to change notification settings - Fork 235
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GDM password prompt when cert mapped to multiple users and promptusername is False #5190
Labels
Comments
Issue linked to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1507683 |
Issue linked to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1551077 |
sumit-bose
added a commit
to sumit-bose/sssd
that referenced
this issue
Jun 4, 2020
The gdm-smartcard service is special since it is triggered by the presence of a Smartcard and even in the case of an error it will immediately try again. To break this loop we should ask for an user input and asking for a PIN is most straight forward and would show the same behavior as pam_pkcs11. Additionally it does not make sense to fall back the a password prompt for gdm-smartcard so also here a PIN prompt should be shown. Resolves: SSSD#5190 (cherry picked with changes from commit f1cebb7)
sumit-bose
added a commit
to sumit-bose/sssd
that referenced
this issue
Jun 4, 2020
sumit-bose
added a commit
to sumit-bose/sssd
that referenced
this issue
Jun 4, 2020
The gdm-smartcard service is special since it is triggered by the presence of a Smartcard and even in the case of an error it will immediately try again. To break this loop we should ask for an user input and asking for a PIN is most straight forward and would show the same behavior as pam_pkcs11. Additionally it does not make sense to fall back the a password prompt for gdm-smartcard so also here a PIN prompt should be shown. Resolves: SSSD#5190
sumit-bose
added a commit
to sumit-bose/sssd
that referenced
this issue
Jun 5, 2020
The gdm-smartcard service is special since it is triggered by the presence of a Smartcard and even in the case of an error it will immediately try again. To break this loop we should ask for an user input and asking for a PIN is most straight forward and would show the same behavior as pam_pkcs11. Additionally it does not make sense to fall back the a password prompt for gdm-smartcard so also here a PIN prompt should be shown. Resolves: SSSD#5190 (cherry picked with changes from commit f1cebb7)
pbrezina
pushed a commit
that referenced
this issue
Jun 5, 2020
The gdm-smartcard service is special since it is triggered by the presence of a Smartcard and even in the case of an error it will immediately try again. To break this loop we should ask for an user input and asking for a PIN is most straight forward and would show the same behavior as pam_pkcs11. Additionally it does not make sense to fall back the a password prompt for gdm-smartcard so also here a PIN prompt should be shown. Resolves: #5190 Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
pbrezina
pushed a commit
that referenced
this issue
Jun 5, 2020
The gdm-smartcard service is special since it is triggered by the presence of a Smartcard and even in the case of an error it will immediately try again. To break this loop we should ask for an user input and asking for a PIN is most straight forward and would show the same behavior as pam_pkcs11. Additionally it does not make sense to fall back the a password prompt for gdm-smartcard so also here a PIN prompt should be shown. Resolves: #5190 (cherry picked with changes from commit 3ed2547) Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Pushed PR: #5193
|
sumit-bose
added a commit
to sumit-bose/sssd
that referenced
this issue
Jun 19, 2020
To avoid that certificates will be shown in the certificate selection which are not available anymore they must be remove before a new request to look up the certificates is send to SSSD's PAM responder. Resolves: SSSD#5190
pbrezina
pushed a commit
that referenced
this issue
Jun 24, 2020
To avoid that certificates will be shown in the certificate selection which are not available anymore they must be remove before a new request to look up the certificates is send to SSSD's PAM responder. Resolves: #5190 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
etrunko
pushed a commit
to etrunko/sssd
that referenced
this issue
Nov 16, 2023
The gdm-smartcard service is special since it is triggered by the presence of a Smartcard and even in the case of an error it will immediately try again. To break this loop we should ask for an user input and asking for a PIN is most straight forward and would show the same behavior as pam_pkcs11. Additionally it does not make sense to fall back the a password prompt for gdm-smartcard so also here a PIN prompt should be shown. Resolves: SSSD#5190 (cherry picked with changes from commit 3ed2547) Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
etrunko
pushed a commit
to etrunko/sssd
that referenced
this issue
Nov 16, 2023
The gdm-smartcard service is special since it is triggered by the presence of a Smartcard and even in the case of an error it will immediately try again. To break this loop we should ask for an user input and asking for a PIN is most straight forward and would show the same behavior as pam_pkcs11. Additionally it does not make sense to fall back the a password prompt for gdm-smartcard so also here a PIN prompt should be shown. Resolves: SSSD#5190 (cherry picked with changes from commit 3ed2547) Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1507683
The text was updated successfully, but these errors were encountered: