Learn more about these different git repos.
Other Git URLs
https://bugzilla.redhat.com/show_bug.cgi?id=801377 (Red Hat Enterprise Linux 6)
Description of problem: Upon requesting a non-existing netgroup name, the command #getent netgroup <unknown_group> returns the same name, however the command is expected to return nothing. This happens when sssd is configured as proxy provider. Version-Release number of selected component (if applicable): sssd-1.8.0-11.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. Edit /etc/ldap.conf and add the following: uri ldap://<hostname.com>:<port> ssl no base <basedn> 2. Create and edit /etc/pam.d/sssdproxyldap with the following contents: auth required pam_ldap.so account required pam_ldap.so password required pam_ldap.so session required pam_ldap.so 3. To produce the issue, setup sssd.conf as below: [sssd] reconnection_retries = 3 config_file_version = 2 sbus_timeout = 30 services = nss, pam domains = PROXY debug_level = 9 [nss] filter_groups = root filter_users = root [pam] [domain/PROXY] id_provider = proxy auth_provider = proxy cache_credentials = TRUE proxy_lib_name = ldap proxy_pam_target = sssdproxyldap enumerate = TRUE debug_level = 9 ldap_tls_cacertdir = /etc/openldap/cacerts/ 4. After setting the above configurations, start sssd service and run the following step: [root@sssd-client sssd]# getent netgroup some_group Actual results: The cmd #getent returns the non-existing netgroup name as given below: [root@sssd-client sssd]# getent netgroup some_group some_group [root@sssd-client sssd]# getent netgroup some_group some_group Expected results: The cmd #getent should return nothing upon requesting a non-existing netgroup. [root@sssd-client sssd]# getent netgroup some_group [root@sssd-client sssd]# getent netgroup some_group Additional info:
Fields changed
blockedby: => blocking: => coverity: => feature_milestone: => priority: major => blocker tests: => 0 testsupdated: => 0 upgrade: => 0
milestone: NEEDS_TRIAGE => SSSD 1.8.1 (LTM)
patch: 0 => 1
Fixed by: - master - 7c9d530 - e921213 - sssd-1-8 - 57c4f6c - 2141ddc
resolution: => fixed status: new => closed
Metadata Update from @sgallagh: - Issue set to the milestone: SSSD 1.8.1 (LTM)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2284
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.