su command's return value is wrong when pam_sss is enabled.

Solution Verified - Updated -

Issue

When a command is run via su from root, the exit status is always 0, even if the command fails.

For example:

# service sssd status
sssd (pid  3009) is running...

# su - local_user -c "ls -8" ; echo $?
ls: invalid option -- '8'
Try `ls --help' for more information.
0

# service sssd stop
Stopping sssd:                                             [  OK  ]
# su - local_user -c "ls -8" ; echo $?
ls: invalid option -- '8'
Try `ls --help' for more information.
2
  • User local_user is a local user (from /etc/passwd file).
  • If we stop the sssd service(or remove pam_sss from the PAM session section, then the command's exit status is correct.

Environment

  • Red Hat Enterprise Linux (RHEL) 6
  • sssd-1.8.0-32.el6.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content