#2642 Override for IPA users with login does not list user all groups
Closed: Fixed None Opened 5 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1215195

Description of problem:
When ipa user override is added with a new login name, id command does not list
all its groups

Version-Release number of selected component (if applicable):
[root@vm-idm-018 ~]# rpm -q sssd
sssd-1.12.4-31.el6.x86_64

How reproducible:
always

Steps to Reproduce:

On Server

[root@sideswipe ~]# ipa user-show ipauser1
  User login: ipauser1
  First name: f
  Last name: l
  Home directory: /home/ipauser1
  Login shell: /bin/sh
  Email address: ipauser1@ipaviews.test
  UID: 1902400005
  GID: 1902400005
  Account disabled: False
  Password: True
  Member of groups: grp2, grp1, ipausers
  Kerberos keys available: True

[root@sideswipe ~]# ipa idoverrideuser-add hostview ipauser1 --login useripa1
---------------------------------
Added User ID override "ipauser1"
---------------------------------
  Anchor to override: ipauser1
  User login: useripa1
[root@sideswipe ~]# service sssd stop ; rm -fr /var/lib/sss/{db,mc}/* ; service
sssd start
Redirecting to /bin/systemctl stop  sssd.service
Redirecting to /bin/systemctl start  sssd.service

[root@sideswipe ~]# ipa idview-apply hostview --hosts
vm-idm-018.ipaviews.test--------------------------
Applied ID View "hostview"
--------------------------
  hosts: vm-idm-018.ipaviews.test
---------------------------------------------
Number of hosts the ID View was applied to: 1
---------------------------------------------


* On Client1 where hostview is not applied

[root@ibm-x3250m4-04 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*;
service sssd start
Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[root@ibm-x3250m4-04 ~]# id ipauser1
uid=1902400005(ipauser1) gid=1902400005(ipauser1)
groups=1902400005(ipauser1),1902400007(grp2),1902400006(grp1)


* On Client2 where host view is applied

[root@vm-idm-018 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service
sssd start
Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[root@vm-idm-018 ~]# id useripa1
uid=1902400005(useripa1) gid=1902400005(ipauser1) groups=1902400005(ipauser1)

[root@vm-idm-018 ~]# id useripa1
uid=1902400005(useripa1) gid=1902400005(ipauser1) groups=1902400005(ipauser1)

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
owner: somebody => sbose
patch: 0 => 1
review: True => 0
selected: =>
status: new => assigned
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12.5

resolution: => fixed
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.12.5

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3683

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata