[Bug 279255] security/sssd2: Fix the krb5_store_password_if_offline feature

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 23 May 2024 14:49:59 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279255

            Bug ID: 279255
           Summary: security/sssd2: Fix the krb5_store_password_if_offline
                    feature
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: jhixson@FreeBSD.org
          Reporter: markj@FreeBSD.org
          Assignee: jhixson@FreeBSD.org
             Flags: maintainer-feedback?(jhixson@FreeBSD.org)

Created attachment 250903
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=250903&action=edit
proposed security/sssd2 patch

The legacy security/sssd port has a patch which lets one set
krb5_store_password_if_offline=True in a IPA provider configuration block.  The
patch fixes some code which uses /proc to enumerate the UIDs of logged-in
users.  Without the patch, if one has this configuration variable set, sssd
dies with an obscure error.  This caused some pain when a user was updating
from sssd to sssd2.

I ported the patch forward to security/sssd2 and will attach it here.  I tested
this in a local setup, as did the user who is migrating to sssd2 on production
systems.

-- 
You are receiving this mail because:
You are the assignee for the bug.