#1727 AD provider: getgrgid removes nested group memberships
Closed: Fixed None Opened 10 years ago by jhrozek.

https://bugzilla.redhat.com/show_bug.cgi?id=887961 (Red Hat Enterprise Linux 6)

Description of problem:
After a successfull initgroups operation, the subsequent getgrgid removes the
nested memberships. As far as we can tell, this only happens with the AD
provider. So far, we've been unable to reproduce the issue in-house, but Marko
Myllynen (CC) has

Version-Release number of selected component (if applicable):
1.9.3 upstream, 1.9.2 candidate from 6.4

How reproducible:
depends on the environment

Steps to Reproduce:
1. id -G user
2. id user

Actual results:
The id -G call returns all the groups correctly and in the cache the memberofs
are linked by SIDs which is expected as we don't know the group names yet. But
after the user runs full id, which also calls getgrgid on the resolved SIDs, we
lose the memberships for some reason

Expected results:
The groups should stay the same

Additional info:
Marko thinks this was working at one point during the 1.9 development. We need
to follow up and verify.

Fields changed

blockedby: =>
blocking: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
milestone: NEEDS_TRIAGE => SSSD 1.9.4
testsupdated: => 0

Fields changed

owner: somebody => jhrozek
patch: 0 => 1
selected: =>
status: new => assigned

resolution: => fixed
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.9.4

6 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2769

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.