1382395 – sudo: ignore case on case insensitive domains

Bug 1382395 - sudo: ignore case on case insensitive domains

Summary: sudo: ignore case on case insensitive domains

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	sssd
Sub Component:
Version:	6.8
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	SSSD Maintainers
QA Contact:	Steeve Goveas
Docs Contact:
URL:
Whiteboard:
Depends On:	1380436
Blocks:
TreeView+	depends on / blocked

Reported:	2016-10-06 14:35 UTC by Amy Farley
Modified:	2020-05-04 10:58 UTC (History)
CC List:	11 users (show)
Fixed In Version:	sssd-1.13.3-48.el6
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1380436
Environment:
Last Closed:	2017-03-21 09:58:22 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	SSSD sssd issues 4236	0	None	None	None	2020-05-04 10:58:22 UTC
Red Hat Product Errata	RHBA-2017:0632	0	normal	SHIPPED_LIVE	sssd bug fix and enhancement update	2017-03-21 12:30:13 UTC

Comment 5 Jakub Hrozek 2016-11-24 09:19:11 UTC

additional patch for sssd-1-13: fd2d599dfde825f4daf88fa2815eefe6395a8450

Comment 7 Jakub Hrozek 2016-11-24 13:02:13 UTC

One additional patch was needed:
sssd-1-13: 6ec33f5acfba6fa266c1dd7722c0c7bb88333f7f

Comment 9 Amith 2016-12-19 13:29:44 UTC

Verified the bug on SSSD Version : sssd-1.13.3-52.el6

Steps followed during verification:
1. Add sudo rules in AD, allowing users to run commands. Also, assign the sudoUser attribute values in Upper case and lower case. For example:

dn: CN=rule2,OU=sudoers,DC=black,DC=com
objectClass: top
objectClass: sudoRole
cn: rule2
distinguishedName: CN=rule2,OU=sudoers,DC=black,DC=com
instanceType: 4
whenCreated: 20161114142141.0Z
whenChanged: 20161114142141.0Z
uSNCreated: 65679
uSNChanged: 65679
name: rule2
objectGUID:: K32CWpLY0k2xNvzxsKmxrQ==
objectCategory: CN=sudoRole,CN=Schema,CN=Configuration,DC=black,DC=com
dSCorePropagationData: 16010101000000.0Z
sudoCommand: /usr/bin/more
sudoUser: STUDENT3
sudoHost: ALL
.
.
sudoUser: student2, sudoUser: student2 etc.

2. Setup sssd client and execute sudo cmds as users in exact case names, lower case names and upper case names.

# sudo -l -U student2
User student2 may run the following commands on this host:
    (root) /usr/bin/less
    (root) /usr/bin/more

# sudo -l -U STUDENT7
User student7 may run the following commands on this host:
    (root) ALL

# sudo -l -U student7
User student7 may run the following commands on this host:
    (root) ALL

Comment 11 errata-xmlrpc 2017-03-21 09:58:22 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0632.html

Note You need to log in before you can comment on or make changes to this bug.