Learn more about these different git repos.
Other Git URLs
The dereference code currently fails completely when processing initgroups of an IPA user who is a member of some Role or linked to a Permission against a new (4.0) IPA server.
This is because in 4.0, IPA switched to a different permission model that no longer allows the host principal to read the rbac and pbac containers. The current dereference code errors out when it can't read even the objectclass of an entry.
This bug could be also triggered outside IPA, just by restricting the ACI on the linked entry.
owner: somebody => jhrozek
status: new => assigned
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1135432
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1135432 1135432]
patch: 0 => 1
milestone: NEEDS_TRIAGE => SSSD 1.11.7
resolution: => fixed
status: assigned => closed
Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.11.7
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.