Closed miszterx closed 6 months ago
Greetings and welcome to our community! As this is the first issue you opened here, we wanted to share some useful infos with you:
This issue has been automatically marked as inactive because it has not had activity in the past two months.
If no further activity occurs, this issue will be automatically closed in one week in order to increase our focus on active topics.
This issue has been automatically closed because it has not had recent activity. Thank you for your contributions.
If the issue has not been resolved, you can find more information in our Wiki or continue the conversation on our Discord.
What happened:
When trying to use Portmaster Tray icon it is unable to connect to Portmaster daemon.
Portmaster daemon shows the following logs:
May 22 09:59:18 d98f8d3.office.telnyx.com portmaster-start[20319]: 230522 09:59:18.220 ocess/find:047 ▶ DEBU 198 process: failed to find (primary) process with PID: process: failed to get Username for p7451: user: unknown userid 983825656 May 22 09:59:18 d98f8d3.office.telnyx.com portmaster-start[20319]: 230522 09:59:18.220 rewall/api:146 ▶ DEBU 199 filter: failed to get process of api request: process: failed to get Username for p7451: user: unknown userid 983825656 May 22 09:59:18 d98f8d3.office.telnyx.com portmaster-start[20319]: 230522 09:59:18.220 rewall/api:195 ▶ WARN 200 filter: denying api access: failed to identify process
What did you expect to happen?:
Portmaster tray should be able to authenticate.
How did you reproduce it?:
Run Portmaster tray with a non-local user in the system.
Debug Information:
Debug Information:
/etc/pam.d/common-account:
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so account requisite pam_deny.so account required pam_permit.so account sufficient pam_localuser.so account [default=bad success=ok user_unknown=ignore] pam_sss.so
Extra:
I know this was exactly reported under https://github.com/safing/portmaster/issues/1220. The issue creator mentioned a workaround, which can fix the portmaster run, however it breaks the further authentication with sssd. So I can login with my remote user. Then manipulate the /etc/passwd to add the remote user id to the local /etc/passwd. It fix the portmaster for this session. However if I shutdown and leave the /etc/passwd modified I cannot login any more with the remote user.
So as a workaround yes, it can work for a short time, but not a permanent solution.
This is why I want to re-open this bug and request a permanent fix for portmaster with remote user with sssd. Thanks!