On Tue, Nov 24, 2015 at 11:10:11AM +0100, Winfried de Heiden wrote:
>    Hi all,
> 
>    Running as an ordinary user, straight from the beginning.
> 
>    Is the (default) suid of/usr/bin/su causing this?
>     
>    Anyway: the info requested:
> 
>    /var/log/secure will tell:
>    Nov 24 11:04:11 fedora23-server su: pam_systemd(su:session): Cannot create
>    session: Already running in a session
>    Nov 24 11:04:11 fedora23-server su: pam_unix(su:session): session opened
>    for user root by testuser(uid=10005)
         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sorry, I missed this previously. So you're running "su -" as testuser
right? That's not hitting SSSD, because the target user is root, so "su"
would do:
    pam_start("su", "root", ...)
    pam_authenticate();

So what you're seeing is expected. Try su-ing to testuser from another
non-root user, it's going to fail.

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to