Learn more about these different git repos.
Other Git URLs
My sssd.conf (erroneously) had the following ranges set: LOCAL: 500 - 5000 LEGACYLOCAL: 5000 - 10000
I created a new user "localuser" in the LOCAL domain. It received UID 5000. I logged in as this user using "su - localuser" and ran the command "whoami"
"whoami: cannot find name for user ID 5000"
I examined the SSSD logs and saw this:
[sssd[nss]] [accept_fd_handler] (4): Client connected! [sssd[nss]] [nss_cmd_getpwuid] (4): Requesting info for [5000@LOCAL] [sssd[nss]] [nss_cmd_getpwuid] (4): Requesting info for [5000@LEGACYLOCAL] [sssd[nss]] [nss_cmd_getpwuid] (4): Uid [5000] does not exist in domain [LDAP]! (id out of range) [sssd[nss]] [nss_cmd_getpwuid] (4): Uid [5000] does not exist in domain [PRIVATELDAP]! (id out of range) [sssd[nss]] [nss_dp_send_acct_req] (4): Sending request for [LEGACYLOCAL][1][core][idnumber=5000] [sssd[nss]] [nss_cmd_getpwuid_callback] (2): No results for getpwuid call [sssd[nss]] [client_recv] (5): Client disconnected! [sssd[nss]] [sbus_conn_read_write_handler] (6): Connection is open for read/write. [sssd[nss]] [sbus_dispatch] (6): conn: 1E96DD0 [sssd[nss]] [sbus_dispatch] (6): Dispatching.
When I corrected the overlap in the configuration, the user was detected properly, however it appears to be a bug that the getpwuid routine continues searching subsequent domains once it finds a valid user. Apparently here, it checked the LOCAL domain, found it, then checked the LEGACYLOCAL domain and overwrote the results.
Fields changed
description: My sssd.conf (erroneously) had the following ranges set: LOCAL: 500 - 5000 LEGACYLOCAL: 5000 - 10000
I created a new user "localuser" in the LOCAL domain. It received UID 5000. I logged in as this user using "su - localuser" and ran the command "whoami" "whoami: cannot find name for user ID 5000"
When I corrected the overlap in the configuration, the user was detected properly, however it appears to be a bug that the getpwuid routine continues searching subsequent domains once it finds a valid user. Apparently here, it checked the LOCAL domain, found it, then checked the LEGACYLOCAL domain and overwrote the results. => My sssd.conf (erroneously) had the following ranges set: LOCAL: 500 - 5000 LEGACYLOCAL: 5000 - 10000
I examined the SSSD logs and saw this: {{{ [sssd[nss]] [accept_fd_handler] (4): Client connected! [sssd[nss]] [nss_cmd_getpwuid] (4): Requesting info for [5000@LOCAL] [sssd[nss]] [nss_cmd_getpwuid] (4): Requesting info for [5000@LEGACYLOCAL] [sssd[nss]] [nss_cmd_getpwuid] (4): Uid [5000] does not exist in domain [LDAP]! (id out of range) [sssd[nss]] [nss_cmd_getpwuid] (4): Uid [5000] does not exist in domain [PRIVATELDAP]! (id out of range) [sssd[nss]] [nss_dp_send_acct_req] (4): Sending request for [LEGACYLOCAL][1][core][idnumber=5000] [sssd[nss]] [nss_cmd_getpwuid_callback] (2): No results for getpwuid call [sssd[nss]] [client_recv] (5): Client disconnected! [sssd[nss]] [sbus_conn_read_write_handler] (6): Connection is open for read/write. [sssd[nss]] [sbus_dispatch] (6): conn: 1E96DD0 [sssd[nss]] [sbus_dispatch] (6): Dispatching. }}} When I corrected the overlap in the configuration, the user was detected properly, however it appears to be a bug that the getpwuid routine continues searching subsequent domains once it finds a valid user. Apparently here, it checked the LOCAL domain, found it, then checked the LEGACYLOCAL domain and overwrote the results.
resolution: => fixed status: new => closed version: => 0.3.1
rhbz: => 0
Metadata Update from @sgallagh: - Issue assigned to simo
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1063
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Log in to comment on this ticket.