Bug 1382395

Summary: sudo: ignore case on case insensitive domains
Product: Red Hat Enterprise Linux 6 Reporter: Amy Farley <afarley>
Component: sssdAssignee: SSSD Maintainers <sssd-maint>
Status: CLOSED ERRATA QA Contact: Steeve Goveas <sgoveas>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.8CC: afarley, apeetham, grajaiya, jhrozek, john, lslebodn, mkosek, mzidek, pbrezina, sgoveas, sssd-maint
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: sssd-1.13.3-48.el6 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1380436 Environment:
Last Closed: 2017-03-21 09:58:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1380436    
Bug Blocks:    

Comment 5 Jakub Hrozek 2016-11-24 09:19:11 UTC 
additional patch for sssd-1-13: fd2d599dfde825f4daf88fa2815eefe6395a8450
Comment 7 Jakub Hrozek 2016-11-24 13:02:13 UTC 
One additional patch was needed:
sssd-1-13: 6ec33f5acfba6fa266c1dd7722c0c7bb88333f7f
Comment 9 Amith 2016-12-19 13:29:44 UTC 
Verified the bug on SSSD Version : sssd-1.13.3-52.el6

Steps followed during verification:
1. Add sudo rules in AD, allowing users to run commands. Also, assign the sudoUser attribute values in Upper case and lower case. For example:

dn: CN=rule2,OU=sudoers,DC=black,DC=com
objectClass: top
objectClass: sudoRole
cn: rule2
distinguishedName: CN=rule2,OU=sudoers,DC=black,DC=com
instanceType: 4
whenCreated: 20161114142141.0Z
whenChanged: 20161114142141.0Z
uSNCreated: 65679
uSNChanged: 65679
name: rule2
objectGUID:: K32CWpLY0k2xNvzxsKmxrQ==
objectCategory: CN=sudoRole,CN=Schema,CN=Configuration,DC=black,DC=com
dSCorePropagationData: 16010101000000.0Z
sudoCommand: /usr/bin/more
sudoUser: STUDENT3
sudoHost: ALL
.
.
sudoUser: student2, sudoUser: student2 etc.

2. Setup sssd client and execute sudo cmds as users in exact case names, lower case names and upper case names.

# sudo -l -U student2
User student2 may run the following commands on this host:
    (root) /usr/bin/less
    (root) /usr/bin/more

# sudo -l -U STUDENT7
User student7 may run the following commands on this host:
    (root) ALL

# sudo -l -U student7
User student7 may run the following commands on this host:
    (root) ALL
Comment 11 errata-xmlrpc 2017-03-21 09:58:22 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0632.html