Thanks for your work on this! This stack is definitely complex! a) sudo add-apt-repository ppa:yubico/stable
Why a ppa? We have the yubi packages in the archive, and we should preferably use them if possible. b) create CSR with smartcard ( create openssl.cnf with keyUsage, extendedKeyUsage, subjectAltName with UPN ) Please provide the openssl.cnf file with these filled in. c) setup sssd, krb5, pam This step in the test plan needs more details. I understand you are writing this as you go, and are focusing on testing it yourself in questing, but at some point this test plan will be followed, and these details will be needed. d) check the syslog This step still contains a lot of investigative entries. I understand you are still updating this bug and the PR as you encounter more issues and update the fix, but at some point this step needs to be cleaned up and offer a clear and concise expectation: what is happening (the bug), and what should happen instead. Moreover, and more importantly even, is that the logs are just a consequence, and one that the user will likely not see. What we should be testing is if the login/authentication works or not. That is the first thing. The logs are secondary, and useful to corroborate the working/non-working state. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2109673 Title: Authentication with smartcard is not working with apparmor DENIED To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/2109673/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
