Issue #1228: Unable to lookup netgroups with case_sensitive=false. - sssd

SSSD / sssd

#1228 Unable to lookup netgroups with case_sensitive=false.

Closed: Fixed None Opened 12 years ago by jhrozek.

https://bugzilla.redhat.com/show_bug.cgi?id=799915 (Red Hat Enterprise Linux 6)

Description of problem:
Unable to lookup netgroups with case_sensitive=false

Version-Release number of selected component (if applicable):
sssd-1.8.0-11

How reproducible:
Always

Steps to Reproduce:
1. Add a netgroup in ldap server:
dn: cn=NetGroup4,ou=Netgroup,dc=example,dc=com
objectClass: nisNetgroup
cn: NetGroup4_Alias
cn: NetGroup4
nisNetgroupTriple: (Host1.example.com,User1,example.com)
nisNetgroupTriple: (host2.example.com,user2,Example.com)
description: All users in my organization

2. Setup sssd.conf domain section as:
[domain/LDAP]
debug_level=0xFFF0
id_provider = ldap
ldap_uri = ldap://ldapserver.example.com
ldap_search_base = dc=example,dc=com?subtree?
ldap_tls_cacert = /etc/openldap/cacerts/server.pem
case_sensitive = false

3. Lookup the netgroup.

Actual results:
"getent netgroup netgroup4" returns nothing.

Expected results:
Should be able to lookup the netgroup.

Additional info:

sssd_domain.log shows:

<snip>

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_netgroups_next_base]
(0x0400): Searching for netgroups with base [dc=example,dc=com]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x0400): calling ldap_search_ext with
[(&(cn=netgroup4)(objectclass=nisNetgroup))][dc=example,dc=com].
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x1000): Requesting attrs: [objectClass]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x1000): Requesting attrs: [cn]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x1000): Requesting attrs: [memberNisNetgroup]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x1000): Requesting attrs: [nisNetgroupTriple]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x1000): Requesting attrs: [nsUniqueId]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x1000): Requesting attrs: [modifyTimestamp]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_step]
(0x2000): ldap_search_ext called, msgid = 3
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_id_op_connect_done] (0x4000):
caching successful connection after 1 notifies
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_process_result] (0x2000):
Trace: sh[0x17a0bb0], connected[1], ops[0x179bb90], ldap[0x179f230]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_process_result] (0x2000):
Trace: ldap_result found nothing!
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_process_result] (0x2000):
Trace: sh[0x17a0bb0], connected[1], ops[0x179bb90], ldap[0x179f230]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_process_message] (0x4000):
Message type: [LDAP_RES_SEARCH_ENTRY]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_parse_entry] (0x4000):
OriginalDN: [cn=NetGroup4,ou=Netgroup,dc=example,dc=com].
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_process_result] (0x2000):
Trace: sh[0x17a0bb0], connected[1], ops[0x179bb90], ldap[0x179f230]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_process_message] (0x4000):
Message type: [LDAP_RES_SEARCH_RESULT]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_generic_ext_done]
(0x0400): Search result: Success(0), no errmsg set
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_get_netgroups_process]
(0x0400): Search for netgroups, returned 1 results.
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [netgr_translate_members_send]
(0x1000): Missing netgroup members.
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [netgr_translate_members_send]
(0x4000): No DNs found among netgroup members.
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_attrs_add_ldap_attr]
(0x2000): Adding original DN [cn=NetGroup4,ou=Netgroup,dc=example,dc=com] to
attributes of [NetGroup4_Alias].
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_attrs_add_ldap_attr]
(0x2000): Adding netgroup triple [(Host1.example.com,User1,example.com)] to
attributes of [NetGroup4_Alias].
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_attrs_add_ldap_attr]
(0x2000): Adding netgroup triple [(host2.example.com,user2,Example.com)] to
attributes of [NetGroup4_Alias].
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_attrs_add_ldap_attr]
(0x2000): original members is not available for [NetGroup4_Alias].
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_attrs_add_ldap_attr]
(0x2000): members is not available for [NetGroup4_Alias].
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sdap_save_netgroup] (0x0400):
Storing info for netgroup NetGroup4_Alias
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sysdb_attrs_get_aliases] (0x2000):
Domain is case-insensitive; will add lowercased aliases
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): start ldb
transaction (nesting: 0)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): start ldb
transaction (nesting: 1)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_callback": 0x1789180

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_timeout": 0x17892a0

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Destroying
timer event 0x17892a0 "ltdb_timeout"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Ending
timer event 0x1789180 "ltdb_callback"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): cancel ldb
transaction (nesting: 1)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sysdb_add_basic_netgroup]
(0x0400): Error: 17 (File exists)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): start ldb
transaction (nesting: 1)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_callback": 0x1790b50

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_timeout": 0x1790c00

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Destroying
timer event 0x1790c00 "ltdb_timeout"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Ending
timer event 0x1790b50 "ltdb_callback"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): commit ldb
transaction (nesting: 1)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): start ldb
transaction (nesting: 1)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sysdb_remove_attrs] (0x2000):
Removing attribute [originalMemberNisNetgroup] from [NetGroup4_Alias]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): start ldb
transaction (nesting: 2)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_callback": 0x179ab90

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_timeout": 0x17892a0

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Destroying
timer event 0x17892a0 "ltdb_timeout"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Ending
timer event 0x179ab90 "ltdb_callback"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): cancel ldb
transaction (nesting: 2)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [sysdb_remove_attrs] (0x2000):
Removing attribute [uniqueID] from [NetGroup4_Alias]
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): start ldb
transaction (nesting: 2)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_callback": 0x17892a0

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Added timed
event "ltdb_timeout": 0x179ab90

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Destroying
timer event 0x179ab90 "ltdb_timeout"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): tevent: Ending
timer event 0x17892a0 "ltdb_callback"

(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): cancel ldb
transaction (nesting: 2)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): commit ldb
transaction (nesting: 1)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [ldb] (0x4000): commit ldb
transaction (nesting: 0)
(Mon Mar  5 15:29:04 2012) [sssd[be[LDAP]]] [netgr_translate_members_done]
(0x4000): Saving 1 Netgroups - Done

</snip>

dpal commented 12 years ago

Fields changed

blockedby: =>
blocking: =>
coverity: =>
feature_milestone: =>
milestone: NEEDS_TRIAGE => SSSD 1.8.1 (LTM)
tests: => 0
testsupdated: => 0
upgrade: => 0

jhrozek commented 12 years ago

Fields changed

owner: somebody => jhrozek
patch: 0 => 1
status: new => assigned

jhrozek commented 12 years ago

master: 9729b24
sssd-1.8: 9027034

jhrozek commented 12 years ago

Fields changed

resolution: => fixed
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.8.1 (LTM)

7 years ago

pbrezina commented 3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2270

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata

Assignee

jhrozek

Tags

None

Blocking

None

Depending on

None

Priority

major

Milestone

SSSD 1.8.1 (LTM)

type

defect

component

SSSD

version

None

selected

None

testsupdated

patch

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=799915

design_review

None

review

None

changelog

None

keywords

None

coverity

None

mark

None

blocking

None

design

None

sensitive

None

blockedby

None

feature_milestone

None

SSSD / sssd

Source Code

Documentation

#1228 Unable to lookup netgroups with case_sensitive=false. Closed: Fixed None Opened 12 years ago by jhrozek.

Metadata

#1228 Unable to lookup netgroups with case_sensitive=false.

Closed: Fixed None Opened 12 years ago by jhrozek.