https://bugzilla.redhat.com/show_bug.cgi?id=2251709
Bug ID: 2251709
Summary: Update to sssd-2.9.3 breaks user authentication via
smartcard
Product: Fedora
Version: 39
Hardware: x86_64
OS: Linux
Status: NEW
Component: sssd
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: ralf.schneider(a)ra-s.org
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
lslebodn(a)redhat.com, mzidek(a)redhat.com,
pbrezina(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Description of problem:
I have set up a sssd / pam authentication via a pkcs15 certificate stored on a
Nitrokey Pro smartcard. Everything worked until doing a dfn update which
upgraded sssd to version 2.9.3.
Downgrading sssd-dbus and its dependencies to version 2.9.2 made things working
again.
Version-Release number of selected component (if applicable):
sssd-2.9.3-1.fc39.x86_64
How reproducible:
Steps to Reproduce:
1. dnf update
2. Using pamtester to check login and authentication procedure:
pamtester login $USER authenticate
3. Giving the user pin of the card leads to:
pamtester: Authentication failure
4. Giving the user's password leads to:
pamtester: successfully authenticated
5. Downgrading sssd-dbus
sudo dnf install sssd-dbus-2.9.2
6. Using pamtester to check login and authentication procedure:
pamtester login $USER authenticate
PIN for OpenPGP card (User PIN):
pamtester: successfully authenticated
Actual results:
User not able to authenticate with pkcs15 certificate via smartcard
Expected results:
User should be able to authenticate with pkcs15 certificate via smartcard
Additional info:
--
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2251709
Report this comment as SPAM:
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=rep...