** Description changed:
+ [Impact]
+ PAM returns an error when exiting from an su session. Fixed upstream by
moving SELinux processing to the account stack.
+
+ [Test case]
+ Install sssd, 'su - $localuser; exit; echo $?'
+
+ [Regression potential]
+ small, included upstream for months, backported for the 1.8.5 release.
+
+ --
+
Ubuntu release: 12.04 LTS
Package release: sssd 1.8.2-0ubuntu1 (amd64)
There is a problem using su to switch to local accounts over sssd (in
this case with an ldap backend). The su session or command will work,
but will produce an error status on exit (or completion).
The local accounts are present in the sssd.conf "filter_users" directive
so that they are supposed to be ignored at the NSS level.
What is expected to happen:
# su - localaccount
localaccount@hostname:~$ exit
logout
# echo $?
0
What happens:
# su - localaccount
localaccount@hostname:~$ exit
logout
su: User not known to the underlying authentication module
# echo $?
1
In /var/log/auth.log this error is recorded:
Jun 4 23:00:45 hostname su[23930]: pam_unix(su:session): session closed for
user localaccount
Jun 4 23:00:45 hostname su[23930]: pam_close_session: User not known to the
underlying authentication module
** Changed in: sssd (Ubuntu Precise)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1012900
Title:
Using SSSD, PAM error when exiting su session
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1012900/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
