Bug 869013
Summary: | Sudo smart refresh doesn't occur on time | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Nikolai Kondrashov <nikolai.kondrashov> | ||||
Component: | sssd | Assignee: | Jakub Hrozek <jhrozek> | ||||
Status: | CLOSED ERRATA | QA Contact: | Kaushik Banerjee <kbanerje> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 6.4 | CC: | dpal, grajaiya, jgalipea, pbrezina | ||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | sssd-1.9.2-5.el6 | Doc Type: | Bug Fix | ||||
Doc Text: |
Cause: SUDO smart refresh was not performed if LDAP server did not contained any rule when SSSD started.
Consequence: Newly created rules where found after a longer period of time than the ldap_sudo_smart_refresh_interval option says.
Fix: SUDO smart refresh is performed.
Result: Newly created rule are found within ldap_sudo_smart_refresh_interval time span.
|
Story Points: | --- | ||||
Clone Of: | Environment: | ||||||
Last Closed: | 2013-02-21 09:37:51 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Nikolai Kondrashov
2012-10-22 18:34:55 UTC
Pavel, can you check out the test and work with Nikolai on fixing this? Thanks! Upstream ticket: https://fedorahosted.org/sssd/ticket/1596 Fixed upstream. Verified fixed in following packages: sssd-client-1.9.2-41.el6.x86_64 libsss_idmap-1.9.2-41.el6.x86_64 libsss_sudo-1.9.2-41.el6.x86_64 sudo-1.8.6p3-6.el6.x86_64 sssd-1.9.2-41.el6.x86_64 Relevant sudo suite output: :: [ PASS ] :: refresh_add_rule_before_smart :: [ PASS ] :: refresh_add_rule_after_smart :: [ PASS ] :: refresh_mod_rule_user_to_mismatch :: [ PASS ] :: refresh_mod_rule_user_to_match_before_smart :: [ PASS ] :: refresh_mod_rule_user_to_match_after_smart :: [ PASS ] :: refresh_mod_rule_command_to_mismatch :: [ PASS ] :: refresh_mod_rule_command_to_match :: [ PASS ] :: refresh_mod_rule_runasuser_to_mismatch :: [ PASS ] :: refresh_mod_rule_runasuser_to_match :: [ PASS ] :: refresh_mod_rule_runasgroup_to_mismatch :: [ PASS ] :: refresh_mod_rule_runasgroup_to_match :: [ PASS ] :: refresh_mod_rule_sudooption_to_require_auth :: [ PASS ] :: refresh_mod_rule_sudooption_to_not_require_auth Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0508.html |