#1624 sudoUser group and netgroup specifications don't work
Closed: Invalid None Opened 7 years ago by jhrozek.

https://bugzilla.redhat.com/show_bug.cgi?id=872619 (Red Hat Enterprise Linux 6)

Description of problem:
sudoUser %group_name and %#group_id values result in always denied access,
+netgroup_name values result in always allowed access.

Version-Release number of selected component (if applicable):
sssd-1.9.2-4.el6.x86_64
libsss_idmap-1.9.2-4.el6.x86_64
libsss_autofs-1.9.2-4.el6.x86_64
sssd-client-1.9.2-4.el6.x86_64
libsss_sudo-1.9.2-4.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. Use attached LDIF file to fill LDAP directory
2. Use attached sssd.conf as the base for client configuration
3. Execute attached sudo_user_spec_test on the client

Actual results:
%group_user1: DENIED
%group_user2: DENIED
%#20001: DENIED
%#20002: DENIED
+netgroup_user1: ALLOWED
+netgroup_user2: ALLOWED

Expected results:
%group_user1: ALLOWED
%group_user2: DENIED
%#20001: ALLOWED
%#20002: DENIED
+netgroup_user1: ALLOWED
+netgroup_user2: DENIED

Fields changed

blockedby: =>
blocking: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
owner: somebody => pbrezina
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.9.4

The upstream bug was closed as notabug as well in favor of several smaller issues.

resolution: => invalid
status: new => closed

Metadata Update from @jhrozek:
- Issue assigned to pbrezina
- Issue set to the milestone: SSSD 1.9.4

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2666

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata