Learn more about these different git repos.
Other Git URLs
https://bugzilla.redhat.com/show_bug.cgi?id=902716 (Red Hat Enterprise Linux 6)
Description of problem: SSSD doesn't notice rule becoming a mismatch immediately, but only after a smart refresh on ppc64 and s390x with directory server running on x86_64. Version-Release number of selected component (if applicable): sssd-client-1.9.2-74.el6.s390x libsss_idmap-1.9.2-74.el6.s390x libsss_sudo-1.9.2-74.el6.s390x sssd-1.9.2-74.el6.s390x How reproducible: always Steps to Reproduce: 1. Setup LDAP directory, using the attached mismatch_refresh_test.ldif file as reference. 2. Setup SSSD client using the attached sssd.conf as reference. 3. Execute the following, replacing the server hostname: ---:<--- service sssd restart >/dev/null ldapmodify -h dell-pe840-01.rhts.eng.bos.redhat.com -x -D cn=Manager,dc=example,dc=com -w Secret123 <<<" dn: cn=test,ou=Sudoers,dc=example,dc=com replace: sudoUser sudoUser: user2" >/dev/null su -c 'sudo -u user2 true' user1 && echo ALLOWED || echo DENIED sleep 11 su -c 'sudo -u user2 true' user1 && echo ALLOWED || echo DENIED --->:--- Actual results: ALLOWED user1 is not allowed to run sudo on ibm-z10-02. This incident will be reported. DENIED Expected results: user1 is not allowed to run sudo on ibm-z10-02. This incident will be reported. DENIED user1 is not allowed to run sudo on ibm-z10-02. This incident will be reported. DENIED Additional info: This works as documented on x86_64 and i386. Use the following command for test teardown, replacing the server hostname: ---:<--- ldapmodify -h dell-pe840-01.rhts.eng.bos.redhat.com -x -D cn=Manager,dc=example,dc=com -w Secret123 <<<" dn: cn=test,ou=Sudoers,dc=example,dc=com replace: sudoUser sudoUser: user1" >/dev/null --->:---
Fields changed
blockedby: => blocking: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => owner: somebody => pbrezina patch: 0 => 1 selected: => status: new => assigned testsupdated: => 0
milestone: NEEDS_TRIAGE => SSSD 1.9.4 priority: major => blocker resolution: => fixed status: assigned => closed
Metadata Update from @pbrezina: - Issue assigned to pbrezina - Issue set to the milestone: SSSD 1.9.4
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2821
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.