Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1214719
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
+++ This bug was initially created as a clone of Bug #1213947 +++ Description of problem: If id user is run first, then all groups are resolved without the group override for the user's group. Running getent for the group on an empty cache applies the override but id for the user does not resolve all group memberships. Version-Release number of selected component (if applicable): [root@ibm-x3250m4-04 ~]# rpm -q sssd ipa-client sssd-1.12.4-29.el6.x86_64 ipa-client-3.0.0-46.el6.x86_64 How reproducible: always Steps to Reproduce: On Server * No other view applied on any client host [root@sideswipe ~]# ipa idoverridegroup-find 'default trust view' ---------------------------- 2 Group ID overrides matched ---------------------------- Anchor to override: adgroup1@adtest.qe GID: 12121212 Anchor to override: adgroup1@pune.adtest.qe GID: 78787878 ---------------------------- Number of entries returned 2 ---------------------------- [root@sideswipe ~]# ipa idoverrideuser-find 'default trust view' --------------------------- 4 User ID overrides matched --------------------------- Anchor to override: aduser07@adtest.qe User login: syncuser07 Anchor to override: aduser1@adtest.qe UID: 1902400018 GID: 1902400018 Home directory: /home/aduser1 Anchor to override: aduser1@pune.adtest.qe UID: 999999991 GID: 999999991 Home directory: /home/pune/aduser1 Login shell: /bin/tcsh Anchor to override: aduser2@adtest.qe UID: 1902400017 GID: 1902400017 Home directory: /home/aduser2 ---------------------------- Number of entries returned 4 ---------------------------- [root@sideswipe ~]# service sssd stop ; rm -f /var/lib/sss/{db,mc}/* ; service sssd start Redirecting to /bin/systemctl stop sssd.service Redirecting to /bin/systemctl start sssd.service On Client1 [root@ibm-x3250m4-04 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start Stopping sssd: [ OK ] Starting sssd: [ OK ] [root@ibm-x3250m4-04 ~]# id aduser1@pune.adtest.qe uid=999999991(aduser1@pune.adtest.qe) gid=999999991(aduser1@pune.adtest.qe) gro ups=999999991(aduser1@pune.adtest.qe),1148402424(adunigroup1@adtest.qe),8390011 72(adgroup2@pune.adtest.qe),839001120(adgroup1@pune.adtest.qe),839000513(domain users@pune.adtest.qe) [root@ibm-x3250m4-04 ~]# getent group adgroup1@pune.adtest.qe adgroup1@pune.adtest.qe:*:839001120:aduser1@pune.adtest.qe,aduser2@pune.adtest. qe [root@ibm-x3250m4-04 ~]# getent group adgroup1@adtest.qe adgroup1@adtest.qe:*:12121212:aduser2@adtest.qe,aduser1@adtest.qe * Clear sssd cache on server and client [root@ibm-x3250m4-04 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start Stopping sssd: [ OK ] Starting sssd: [ OK ] [root@ibm-x3250m4-04 ~]# getent group adgroup1@pune.adtest.qe adgroup1@pune.adtest.qe:*:78787878:aduser1@pune.adtest.qe,aduser2@pune.adtest.q e [root@ibm-x3250m4-04 ~]# id aduser1@pune.adtest.qe uid=999999991(aduser1@pune.adtest.qe) gid=999999991(aduser1@pune.adtest.qe) groups=999999991(aduser1@pune.adtest.qe),78787878(adgroup1@pune.adtest.qe) [root@ibm-x3250m4-04 ~]# getent group adgroup1@adtest.qe adgroup1@adtest.qe:*:12121212:aduser2@adtest.qe,aduser1@adtest.qe --- Additional comment from RHEL Product and Program Management on 2015-04-21 11:31:12 EDT --- Since this bug report was entered in bugzilla, the release flag has been set to ? to ensure that it is properly evaluated for this release.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1213947 (Red Hat Enterprise Linux 6)
rhbz: [https://bugzilla.redhat.com/show_bug.cgi?id=1214719 1214719] => [https://bugzilla.redhat.com/show_bug.cgi?id=1214719 1214719], [https://bugzilla.redhat.com/show_bug.cgi?id=1213947 1213947]
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => mark: no => 0 patch: 0 => 1 review: True => 0 selected: => testsupdated: => 0
owner: somebody => sbose status: new => assigned
milestone: NEEDS_TRIAGE => SSSD 1.12.5
resolution: => fixed status: assigned => closed
Metadata Update from @jhrozek: - Issue assigned to sbose - Issue set to the milestone: SSSD 1.12.5
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3674
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.