search

safing / portmaster

🏔 Love Freedom - ❌ Block Mass Surveillance
https://safing.io
GNU General Public License v3.0
9.38k stars 305 forks source link

Failing to authenticate portmaster tray when using non-local users (eg: using users from sssd) #1220

Closed aitorpazos closed 1 year ago

aitorpazos commented 1 year ago

What happened:

When trying to use Portmaster Tray icon it is unable to connect to Portmaster daemon.

Portmaster daemon shows the following logs:

May 22 09:59:18 d98f8d3.office.telnyx.com portmaster-start[20319]: 230522 09:59:18.220 ocess/find:047 ▶ DEBU 198 process: failed to find (primary) process with PID: process: failed to get Username for p7451: user: unknown userid 983825656
May 22 09:59:18 d98f8d3.office.telnyx.com portmaster-start[20319]: 230522 09:59:18.220 rewall/api:146 ▶ DEBU 199 filter: failed to get process of api request: process: failed to get Username for p7451: user: unknown userid 983825656
May 22 09:59:18 d98f8d3.office.telnyx.com portmaster-start[20319]: 230522 09:59:18.220 rewall/api:195 ▶ WARN 200 filter: denying api access: failed to identify process

What did you expect to happen?:

Portmaster tray should be able to authenticate.

How did you reproduce it?:

Run Portmaster tray with a non-local user in the system.

Workaround:

Create an entry for your user in /etc/passwd file, keeping same home, uid/gid and shell as provided by remote account provider and set password. WARNING: this may obviously break your local user account/password syncing with remote server.

Debug Information:

/etc/pam.d/common-account:

account [success=1 new_authtok_reqd=done default=ignore]        pam_unix.so 
account requisite                       pam_deny.so
account required                        pam_permit.so
account sufficient                      pam_localuser.so 
account [default=bad success=ok user_unknown=ignore]    pam_sss.so

System info:

Operating System: KDE neon 5.27
KDE Plasma Version: 5.27.5
KDE Frameworks Version: 5.106.0
Qt Version: 5.15.9
Kernel Version: 5.19.0-41-generic (64-bit)
Graphics Platform: Wayland
Processors: 4 × Unknown Type, 4 × 11th Gen Intel® Core™ i7-1185G7 @ 3.00GHz
Memory: 31.1 GiB of RAM
Graphics Processor: Mesa Intel® Xe Graphics
Manufacturer: Dell Inc.
Product Name: Latitude 7420
Raphty commented 1 year ago

thank you for reporting and adding the work around as well.