698377 – authconfig --test does not run as an unprivileged users

Bug 698377 - authconfig --test does not run as an unprivileged users

Summary: authconfig --test does not run as an unprivileged users

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	authconfig
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	low
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-04-20 18:20 UTC by Andrew McNabb
Modified:	2013-07-03 15:10 UTC (History)
CC List:	2 users (show)
Fixed In Version:	authconfig-6.1.15-1.fc16
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-07-22 11:33:50 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Andrew McNabb 2011-04-20 18:20:36 UTC

Description of problem:

The authconfig man page states that "If --test action is specified, authconfig can be  run  by  users  other then  root,  and  any  configuration  changes are not saved but printed instead."  However, if I try to run "authconfig --test" as an unprivileged user, it brings up a modal dialog stating "You are attempting to run "authconfig" which requires administrative privileges, but more information is needed in order to do so" and quits if I hit cancel.

I'm not sure whether there's a bug, or if it's just outdated information in the man page.


Version-Release number of selected component (if applicable):

authconfig-6.1.11-1.fc14.x86_64

Comment 1 Andrew McNabb 2011-05-02 21:22:36 UTC

I've also checked with Fedora 15 and found that it still requires authentication with authconfig-6.1.13-1.fc15.x86_64.

Comment 2 Tomas Mraz 2011-05-17 14:28:49 UTC

Authconfig uses consolehelper for the root authentication. If you run directly the /usr/sbin/authconfig binary, it will not attempt the consolehelper authentication and will runt the --test fine as an unprivileged user.

Comment 3 Andrew McNabb 2011-05-17 16:37:56 UTC

Aah, then the authconfig man page should clearly reflect that there are two different authconfigs.

Comment 4 Tomas Mraz 2011-05-17 16:43:13 UTC

There are no two different authconfigs, there are just two different ways how to run it. :)

But OK, I can add something to the manual page.

Comment 5 Tomas Mraz 2011-07-22 11:33:50 UTC

Mentioned /usr/sbin/authconfig in the manpage.

Comment 6 Fedora Update System 2011-07-22 11:46:25 UTC

authconfig-6.1.15-1.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/authconfig-6.1.15-1.fc15

Comment 7 Fedora Update System 2011-08-02 02:02:41 UTC

authconfig-6.1.15-1.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 Peter Backes 2013-07-03 15:10:09 UTC

IMO, this bug was not resolved in a sufficiently useful and intuitive manner. If I do "man authconfig", it has some section NOTES far down mentioning /usr/sbin/authconfig, while the user would expect to know about this when reading about --test. The man page currently says: "If --test action is specified, the authconfig just  reads  the  current settings  from the various configuration files and prints their values." I suggest changing this into: "If --test action is specified, authconfig just  reads  the  current settings  from the various configuration files and prints their values. This action can be  run  by  users  other than  root. However, note that /usr/bin/authconfig uses consolehelper(8) to authenticate  as  the system user before it starts up. If you want to run it directly without the authentication as the system  user,  run  /usr/sbin/authconfig instead." and removing the note from the NOTES section.

Note You need to log in before you can comment on or make changes to this bug.