https://bugzilla.redhat.com/show_bug.cgi?id=2251709 Bug ID: 2251709 Summary: Update to sssd-2.9.3 breaks user authentication via smartcard Product: Fedora Version: 39 Hardware: x86_64 OS: Linux Status: NEW Component: sssd Assignee: sssd-maintainers(a)lists.fedoraproject.org Reporter: ralf.schneider(a)ra-s.org QA Contact: extras-qa(a)fedoraproject.org CC: abokovoy(a)redhat.com, atikhono(a)redhat.com, lslebodn(a)redhat.com, mzidek(a)redhat.com, pbrezina(a)redhat.com, sbose(a)redhat.com, ssorce(a)redhat.com, sssd-maintainers(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Description of problem: I have set up a sssd / pam authentication via a pkcs15 certificate stored on a Nitrokey Pro smartcard. Everything worked until doing a dfn update which upgraded sssd to version 2.9.3. Downgrading sssd-dbus and its dependencies to version 2.9.2 made things working again. Version-Release number of selected component (if applicable): sssd-2.9.3-1.fc39.x86_64 How reproducible: Steps to Reproduce: 1. dnf update 2. Using pamtester to check login and authentication procedure: pamtester login $USER authenticate 3. Giving the user pin of the card leads to: pamtester: Authentication failure 4. Giving the user's password leads to: pamtester: successfully authenticated 5. Downgrading sssd-dbus sudo dnf install sssd-dbus-2.9.2 6. Using pamtester to check login and authentication procedure: pamtester login $USER authenticate PIN for OpenPGP card (User PIN): pamtester: successfully authenticated Actual results: User not able to authenticate with pkcs15 certificate via smartcard Expected results: User should be able to authenticate with pkcs15 certificate via smartcard Additional info: -- -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2251709 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=rep...