Bug 875738 - offline authentication failure always returns System Error
Summary: offline authentication failure always returns System Error
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks: 881827
TreeView+ depends on / blocked
 
Reported: 2012-11-12 14:00 UTC by Jakub Hrozek
Modified: 2020-05-02 17:05 UTC (History)
5 users (show)

Fixed In Version: sssd-1.9.2-16.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Clone Of:
Environment:
Last Closed: 2013-02-21 09:40:06 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github SSSD sssd issues 2678 None None None 2020-05-02 17:05:42 UTC
Red Hat Product Errata RHSA-2013:0508 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Jakub Hrozek 2012-11-12 14:00:28 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/sssd/ticket/1636

Whenever there is any error during offline authentication, including mistyped password, pam_sss always returns System Error. This is confusing to the admin, as looking at /var/log/secure makes it look like the SSSD is in trouble.

Comment 2 Amith 2012-12-17 09:08:13 UTC
Verified the BZ on SSSD version: sssd-1.9.2-41.el6.x86_64

Below is the beaker output for the automated script:

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: 875738 - offline authentication failure always returns System Error
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ldapadd -xv -D "cn=Directory Manager" -w Secret123 -H ldap://hubcap.lab.eng.pnq.redhat.com -f /tmp/tempuser.ldif'
:: [   PASS   ] :: Running '> /var/log/sssd/sssd_pam.log'
:: [   LOG    ] :: Sleeping for 5 seconds
:: [   PASS   ] :: Running 'restart_clearing_cache'
:: [   PASS   ] :: Running 'sleep 5'
:: [   PASS   ] :: Running 'chmod 755 /tmp/ssh.sh'
:: [   PASS   ] :: Running '/tmp/ssh.sh'
:: [   PASS   ] :: Running 'ifdown eth0'
:: [   PASS   ] :: Running 'sleep 5'
:: [   PASS   ] :: Authentication failed, as expected
:: [   PASS   ] :: Running 'auth_failure off_user WrongPass'
:: [   PASS   ] :: Running 'sleep 5'
:: [   PASS   ] :: File '/var/log/sssd/sssd_pam.log' should not contain 'System error'
:: [   PASS   ] :: File '/var/log/secure' should not contain 'System error'
:: [   PASS   ] :: Running 'ifup eth0'
:: [   LOG    ] :: Duration: 1m 45s
:: [   LOG    ] :: Assertions: 15 good, 1 bad
:: [   PASS   ] :: RESULT: 875738 - offline authentication failure always returns System Error

Comment 3 errata-xmlrpc 2013-02-21 09:40:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html


Note You need to log in before you can comment on or make changes to this bug.