Ticket #1338 (closed defect: fixed)

Opened 2 years ago

Last modified 2 years ago

sssd does not provide maps for automounter when custom schema is being used

Reported by: sgallagh Owned by: jhrozek
Priority: major Milestone: SSSD 1.8.4 (LTM)
Component: AutoFS Responder Version: 1.8.3
Keywords: Cc:
Blocked By: Blocking:
Tests Updated: no Coverity Bug:
Patch Submitted: yes Red Hat Bugzilla: 820979
Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:

Description

https://bugzilla.redhat.com/show_bug.cgi?id=820979 (Fedora)

Description of problem:
sssd does not provide maps for automounter when AD schema (RFC2307) is being
used.
My config:

[root@dorado3 ~]# ldbsearch -H /var/lib/sss/db/config.ldb
server_sort:Unable to register control with rootdse!
# record 1
dn: cn=default,cn=domain,cn=config
auth_provider: krb5
autofs_provider: ldap
cache_credentials: True
chpass_provider: krb5
cn: default
debug_level: 17
dns_discovery_domain: Prague._sites.dublin.ad.s3group.com
id_provider: ldap
krb5_canonicalize: False
krb5_realm: DUBLIN.AD.S3GROUP.COM
krb5_renew_interval: 3600
krb5_renewable_lifetime: 30d
ldap_autofs_entry_key: cn
ldap_autofs_entry_object_class: nisObject
ldap_autofs_entry_value: nisMapEntry
ldap_autofs_map_name: nisMapName
ldap_autofs_map_object_class: nisMap
ldap_autofs_search_base: CN=prague,CN=NIS,DC=dublin,DC=ad,DC=s3group,DC=com
ldap_group_object_class: group
ldap_id_use_start_tls: False
ldap_sasl_authid: DORADO3$@DUBLIN.AD.S3GROUP.COM
ldap_sasl_mech: GSSAPI
ldap_schema: rfc2307bis
ldap_search_base: dc=dublin,dc=ad,dc=s3group,dc=com
ldap_tls_cacertdir: /etc/openldap/cacerts
ldap_user_home_directory: unixHomeDirectory
ldap_user_object_class: user
distinguishedName: cn=default,cn=domain,cn=config

# record 2
dn: cn=sssd,cn=config
cn: sssd
config_file_version: 2
debug_level: 17
domains: default
services: nss, pam, autofs
distinguishedName: cn=sssd,cn=config

# record 3
dn: cn=config
version: 2
lastUpdate: 1336729570
distinguishedName: cn=config

# record 4
dn: cn=nss,cn=config
cn: nss
distinguishedName: cn=nss,cn=config

# record 5
dn: cn=example.com,cn=domain,cn=config
access_provider: ipa
auth_provider: ipa
cache_credentials: True
chpass_provider: ipa
cn: example.com
id_provider: ipa
ipa_domain: example.com
ipa_server: _srv_, polaris.example.com
distinguishedName: cn=example.com,cn=domain,cn=config

# record 6
dn: cn=autofs,cn=config
cn: autofs
debug_level: 10
distinguishedName: cn=autofs,cn=config

# record 7
dn: cn=pam,cn=config
cn: pam
distinguishedName: cn=pam,cn=config

# returned 7 records
# 7 entries
# 0 referrals

The sssd_default.log shows that maps were found successfully, but no maps are
located in sssd cache as per:

ldbsearch -H /var/lib/sss/db/cache_default.ldb
'(|(objectclass=nisMap)(objectclass=nisObject))'

Version-Release number of selected component (if applicable):
[root@dorado3 ~]# rpm -qa | grep sss
sssd-1.8.3-11.fc17.x86_64
libsss_autofs-1.8.3-11.fc17.x86_64
libsss_sudo-1.8.3-11.fc17.x86_64
sssd-client-1.8.3-11.fc17.x86_64


How reproducible:
always

Steps to Reproduce:
1. configure automounter to get maps from sss
2. try 'automount -m'
3.

Actual results:
Maps should be visible in the output

Expected results:
no maps are seen

Additional info:

Change History

comment:1 Changed 2 years ago by jhrozek

  • upgrade set to 0
  • Patch Submitted set
  • Tests Updated unset
  • Status changed from new to assigned
  • Owner set to jhrozek
  • tests set to 0

comment:2 Changed 2 years ago by sgallagh

  • Resolution set to fixed
  • Milestone changed from NEEDS_TRIAGE to SSSD 1.8.4 (LTM)
  • Status changed from assigned to closed
Note: See TracTickets for help on using tickets.