708353 – latest sssd fails if ldap_default_authtok_type is not mentioned

Bug 708353 - latest sssd fails if ldap_default_authtok_type is not mentioned

Summary: latest sssd fails if ldap_default_authtok_type is not mentioned

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	sssd
Sub Component:
Version:	6.1
Hardware:	All
OS:	Linux
Priority:	urgent
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Stephen Gallagher
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:	707282 748833
Blocks:
TreeView+	depends on / blocked

Reported:	2011-05-27 11:44 UTC by RHEL Program Management
Modified:	2015-01-04 23:48 UTC (History)
CC List:	11 users (show)
Fixed In Version:	sssd-1.5.1-34.el6_1.1
Doc Type:	Bug Fix
Doc Text:	The sssd client terminated when the ldap_default_authtok_type option was not configured. With this update, the ldap_default_authtok_type option now defaults to "password" if it is not specified in the /etc/sssd/sssd.conf file and the bug no longer occurs.
Clone Of:
Environment:
Last Closed:	2011-06-02 17:36:51 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2011:0849	0	normal	SHIPPED_LIVE	sssd bug fix update	2011-06-02 17:36:43 UTC

Description RHEL Program Management 2011-05-27 11:44:07 UTC

This bug has been copied from bug #707282 and has been proposed
to be backported to 6.1 z-stream (EUS).

Comment 4 Kaushik Banerjee 2011-05-30 07:45:10 UTC

ldap_default_authtok_type now defaults to "password" if it is not explicitly mentioned in /etc/sssd/sssd.conf

/var/log/sssd/sssd_AD.log
<snip>
(Mon May 30 12:55:20 2011) [sssd[be[AD]]] [dp_get_options] (6): Option ldap_default_bind_dn has value cn=Administrator,cn=Users,dc=sssdad,dc=com
(Mon May 30 12:55:20 2011) [sssd[be[AD]]] [dp_get_options] (6): Option ldap_default_authtok_type has value password
(Mon May 30 12:55:20 2011) [sssd[be[AD]]] [dp_get_options] (6): Option ldap_default_authtok has a binary value.
</snip>

Verified functionality with correct & incorrect passwords in
"ldap_default_authtok".

Verified in version:
# rpm -qi sssd | head
Name        : sssd                         Relocations: (not relocatable)
Version     : 1.5.1                             Vendor: Red Hat, Inc.
Release     : 34.el6_1.1                    Build Date: Fri 27 May 2011 06:04:19 PM IST
Install Date: Mon 30 May 2011 05:58:13 AM IST      Build Host: x86-012.build.bos.redhat.com
Group       : Applications/System           Source RPM: sssd-1.5.1-34.el6_1.1.src.rpm
Size        : 3463155                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://fedorahosted.org/sssd/
Summary     : System Security Services Daemon

Comment 5 Tomas Capek 2011-06-01 09:47:47 UTC

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
The sssd client terminated when the ldap_default_authtok_type option was not configured. With this update, the ldap_default_authtok_type option now defaults to "password" if it is not specified in the /etc/sssd/sssd.conf file and the bug no longer occurs.

Comment 6 errata-xmlrpc 2011-06-02 17:36:51 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0849.html

Note You need to log in before you can comment on or make changes to this bug.