rpms
/
sssd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Resolves: rhbz#1622760 - Console login as FreeIPA domain user fails in current Fedora Rawhide / 29 

(cherry picked from commit 129efc7839)
This commit is contained in:
Michal Židek 2018-08-29 15:39:37 +02:00
parent 54406357e5
commit e994e1f91a
2 changed files with 44 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
0004-KCM-Don-t-error-out-if-creating-a-new-ID-as-the-firs.patch Normal file
View File

@ -0,0 +1,39 @@
From 81dce19792cf300950411722d16b72f8816aecb0 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Tue, 28 Aug 2018 14:47:44 +0200
Subject: [PATCH] KCM: Don't error out if creating a new ID as the first step
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
We need to handle the case where the nextID operation is ran, but the
secdb is totally empty, otherwise logins with sssd's krb5_child would
fail.
Resolves:
https://pagure.io/SSSD/sssd/issue/3815
Reviewed-by: Michal Židek <mzidek@redhat.com>
---
src/responder/kcm/kcmsrv_ccache_secdb.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/responder/kcm/kcmsrv_ccache_secdb.c b/src/responder/kcm/kcmsrv_ccache_secdb.c
index 0f1c037..a61d7b1 100644
--- a/src/responder/kcm/kcmsrv_ccache_secdb.c
+++ b/src/responder/kcm/kcmsrv_ccache_secdb.c
@@ -595,7 +595,10 @@ static struct tevent_req *ccdb_secdb_nextid_send(TALLOC_CTX *mem_ctx,
}
ret = sss_sec_list(state, sreq, &keys, &nkeys);
- if (ret != EOK) {
+ if (ret == ENOENT) {
+ keys = NULL;
+ nkeys = 0;
+ } else if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE,
"Cannot list keys [%d]: %s\n",
ret, sss_strerror(ret));
--
2.9.5

6
sssd.spec
View File

@ -36,7 +36,7 @@
Name: sssd
Version: 2.0.0
Release: 2%{?dist}
Release: 3%{?dist}
Group: Applications/System
Summary: System Security Services Daemon
License: GPLv3+
@ -47,6 +47,7 @@ Source0: https://releases.pagure.org/SSSD/sssd/%{name}-%{version}.tar.gz
Patch0001: 0001-BUILD-Fix-issue-with-installation-of-libsss_secrets.patch
Patch0002: 0002-BUILD-Add-missing-deps-to-libsss_sbus-.so.patch
Patch0003: 0003-BUILD-Reduce-compilation-of-unnecessary-files.patch
Patch0004: 0004-KCM-Don-t-error-out-if-creating-a-new-ID-as-the-firs.patch
### Downstream only patches ###
Patch0502: 0502-SYSTEMD-Use-capabilities.patch
@ -1214,6 +1215,9 @@ fi
%{_libdir}/%{name}/modules/libwbclient.so
%changelog
* Wed Aug 29 2018 Michal Židek <mzidek@redhat.com> - 2.0.0-3
- Resolves: rhbz#1622760 - Console login as FreeIPA domain user fails in current Fedora Rawhide / 29
* Wed Aug 29 2018 Michal Židek <mzidek@redhat.com> - 2.0.0-2
- Fix linking issues