[Pkg-sssd-devel] SUDOERs Bug in SSD < 1.13; Fix Backport Requested
Aaron Peschel
apeschel at zendesk.com
Tue Feb 9 00:05:37 UTC 2016
Hello Timo,
Thanks for the very quick response!
I tracked down the commit that fixed the bug, here's a link to it:
https://git.fedorahosted.org/cgit/sssd.git/commit/?id=52e3ee5c5ff2c5a4341041826a803ad42d2b2de7
I took a look at the source for 1.12.5 to see if the commit had
already been backported, but unfortunately, the bug is present in your
latest 1.12.5 release.
I backported the commit to work with your 1.11.7 release, I'll attach
it in the following email
-Aaron
On Mon, Feb 8, 2016 at 2:40 PM, Timo Aaltonen <tjaalton at debian.org> wrote:
> 09.02.2016, 00:06, Aaron Peschel kirjoitti:
>> There's a bug in SSSD versions prior to 1.13 that causes the order of
>> LDAP SUDOERs rules using the sudoOrder attribute to be incorrect.
>>
>> https://www.sudo.ws/pipermail/sudo-users/2016-January/005723.html
>> https://bugzilla.redhat.com/show_bug.cgi?id=1138576
>>
>> This bug exists in the SSD packages for all Ubuntu releases except
>> Xenial. Unfortunately, since Xenial is a systemd based release, it's
>> package cannot directly be backported to the previous Ubuntu releases.
>>
>> It would be greatly appreciated if you could backport the fix for this
>> bug to the other releases, or provide a backported version of the 1.13
>> package for Upstart releases. 12.04 (precise) is the release I am
>> personally interested in a fix for.
>
> Have you tried 1.12.5?
>
> 12.04 has 1.11.x, full backport of 1.13 would need quite a bit of work I
> think, and is not something I'm willing to spend time on. Bisect the
> patch that's needed and I can add it to 1.11.
>
> --
> t
More information about the Pkg-sssd-devel
mailing list