About JamesHarr74967

JamesHarr74967 · 05-26-2022

Hello, I was testing Duo AlmaLinux9 (RHEL 9 derivative) and found an issue with the Duo RPM registry. After getting some help from AlmaLinux community, I found out that that AlmaLinux9 (and presumably other RHEL9 derivatives) have disabled SHA1 signa...

JamesHarr74967 · 12-11-2025

Just a follow-up note, we found that in some cases, you might need read & exec for a NACM rule. Why? Not really sure, but it seemed to fix our problem. group [ foo ]; rule action { path /ncs:services/foo:foo; access-operations rea...

JamesHarr74967 · 07-15-2025

@Qi LiI opened this issue for the shell example: https://github.com/NSO-developer/nso-sso-duo-integration---native/issues/1However I could not find the python code in the NSO-developer github repository.

JamesHarr74967 · 06-26-2025

Doesn't this string interpolation open the system up to shell command injection?output = subprocess.Popen(['/bin/bash', '-c', f'/usr/sbin/login_duo -d -f {args["user"]} echo ""'], stdout=subprocess.PIPE, stderr=subprocess.PIPE).communicate()[1].decod...

JamesHarr74967 · 03-11-2024

By default it runs as the current user and if you use something like RADIUS to provide groups when the user logs in then NSO will have no clue what groups you're in and you'll wind up with this.The fix we (NOW) use is to look at a hidden leaf in the ...

JamesHarr74967 · 06-26-2023

How about arm/aarch64 builds of the duo packages?

Member Since	‎07-02-2020 01:22 PM
Date Last Visited	‎12-12-2025 04:22 AM
Posts	14
Total Helpful Votes Received	18

User Statistics

User Activity

Duo RPM repository broken for EL9 distributions

Re: How to define NACM paths for custom actions?

Re: Enabling 2FA for NSO CLI-over-SSH with DUO and Package Authenticat

Re: Enabling 2FA for NSO CLI-over-SSH with DUO and Package Authenticat

Re: NSO schedular task -info "access denied"

Re: Duo Unix SRPMS for aarch64/ARM