Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: rhel-8.10
Affects Version/s: rhel-8.9.0
Component/s: scap-security-guide
Labels:
- MigratedToJIRA
- Triaged

Regression:
None
Severity:
None

Pool Team:

sst_security_compliance
Sub-System Group:

ssg_security

Internal Target Milestone:
26
Story Points:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
None

Acceptance Criteria:

Hide

TEST_PARAM:RULE=sssd_certificate_verification sssd_enable_pam_services sssd_enable_smartcards sssd_memcache_timeout sssd_offline_cred_expiration sssd_run_as_sssd_user sssd_ssh_known_hosts_timeout

Show
TEST_PARAM:RULE=sssd_certificate_verification sssd_enable_pam_services sssd_enable_smartcards sssd_memcache_timeout sssd_offline_cred_expiration sssd_run_as_sssd_user sssd_ssh_known_hosts_timeout
Git Pull Request:
https://github.com/ComplianceAsCode/content/pull/10695
Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/128049
Test Coverage:
None

Experience:
Architecture:

Unspecified
Bugzilla Bug:
RHBZ: 2220875

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Description of problem: [sssd] [sss_ini_add_snippets] (0x0020): Config merge error: File /etc/sssd/conf.d/certificate_verification.conf did not pass access check.

Version-Release number of selected component (if applicable):
ipa-server-4.9.12-2.module+el8.9.0+18921+013c0de2.x86_64
sssd-common-2.9.0-4.el8.x86_64

How reproducible: Always

Steps to Reproduce:
1. Install IPA server in STIG env.
2. Check the dmesg log

Actual results:
Jul 6 07:51:46 master systemd[1]: Starting SSSD Kerberos Cache Manager...
Jul 6 07:51:46 master sssd[20838]: [sssd] [sss_ini_add_snippets] (0x0020): Config merge error: File /etc/sssd/conf.d/certificate_verification.conf did not pass access check. Skipping.
Jul 6 07:51:46 master systemd[1]: Started SSSD Kerberos Cache Manager.

Expected results:
Fix the merge error.

Additional info:

external trackers

Red Hat Issue Tracker RHELPLAN-161679

links to

RHBA-2024:128049 scap-security-guide bug fix and enhancement update

mentioned on

Commit - Rebase to new upstream version 0.1.72

Merge request - Rebase to new upstream version 0.1.72

Assignee:: Vojtech Polasek

Reporter:: Sudhir Menon

Developer:: Vojtech Polasek

QA Contact:: Milan Lysonek

Votes:: 0 Vote for this issue

Watchers:: 13 Start watching this issue

Created:: 2023/08/15 3:02 PM

Updated:: 2024/02/26 1:52 PM

Resolved:: 2024/02/26 1:52 PM

Target end:: 2024/02/26

Release Date:: 2024/02/26

Details

Description

Attachments

Issue Links

Activity

People

Dates