8.3. Displaying user authorization details using sssctl

PDF

The sssctl user-checks command helps debug problems in applications that use the System Security Services Daemon (SSSD) for user lookup, authentication, and authorization.

The sssctl user-checks [USER_NAME] command displays user data available through Name Service Switch (NSS) and the InfoPipe responder for the D-Bus interface. The displayed data shows whether the user is authorized to log in using the system-auth Pluggable Authentication Module (PAM) service.

The command has two options:

-a for a PAM action
-s for a PAM service

If you do not define -a and -s options, the sssctl tool uses default options: -a acct -s system-auth.

Conditions préalables

You must be logged in with administrator privileges
The sssctl tool is available on RHEL 7, RHEL 8, and RHEL 9 systems.

Procédure

To display user data for a particular user, enter:

[root@client1 ~]# sssctl user-checks -a acct -s sshd example.user
user: example.user
action: acct
service: sshd
....

Ressources supplémentaires

sssctl user-checks --help

8.3. Displaying user authorization details using sssctl

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Rendre l’open source plus inclusif

À propos de Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links