#2471 RHEL6.6 sssd (1.11) fails if IPA permissions and roles have the same name

Created 3 years ago by jhrozek
Modified a year ago

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1154042

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

It appears that we dereference also permissions and roles and if any two object have the same name, we fail.

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
owner: somebody => pbrezina
review: True => 0
selected: =>
testsupdated: => 0

This is a regression in the 1.11.x line. Putting the ticket into the 1.11 milestone.

milestone: NEEDS_TRIAGE => SSSD 1.11.8

This bug is introduced by "IPA: process non-posix nested groups" dfb34c6c82ed5014599bf70de6791e6d79106fc2. Since this commit we try to process roles, permissions and priviledges as groups since those objects have objectClass groupOfNames.

Fields changed

patch: 0 => 1

resolution: => fixed
status: new => closed

a year ago

Metadata Update from @jhrozek:
- Issue assigned to pbrezina
- Issue set to the milestone: SSSD 1.11.8

Login to comment on this ticket.

defect

SSSD

0

1

https://bugzilla.redhat.com/show_bug.cgi?id=1154042

0

0

0

cancel