Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1220767
Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.
Description of problem: Group renaming issue when "id_provider = ldap" is set. In ldap if a group is renamed but retaining the same gidNumber then in ldap client after cache expiry only the gidNumber is displayed for the user. New groupname is not displayed. Version-Release number of selected component (if applicable): sssd-1.11.6-30.el6_6.4.x86_64 How reproducible: Always Steps to Reproduce: 1. LDAP Server: create a group in ldap. ---------------------------------------------------- dn: cn=oldgroup,ou=Groups,dc=example,dc=com objectClass: top objectClass: posixGroup objectClass: groupOfNames cn: oldgroup gidNumber: 100104 member: uid=tuser,ou=People,dc=example,dc=com ---------------------------------------------------- 2. LDAP Client: SSSD is configured as below. ---------------------------------------------------- id_provider = ldap auth_provider = ldap ldap_uri = ldap://openldap.example.com ldap_search_base = dc=example,dc=com ldap_schema = rfc2307bis entry_cache_timeout = 30 ---------------------------------------------------- 3. LDAP Client: Check the "tuser" output. # id tuser uid=2002(tuser) gid=2002(tuser) groups=2002(tuser),100104(oldgroup) 4. LDAP Server: Delete the "oldgroup" and create a new group retaining the same gidNumber as below. ---------------------------------------------------- dn: cn=newgroup,ou=Groups,dc=example,dc=com objectClass: top objectClass: posixGroup objectClass: groupOfNames cn: newgroup gidNumber: 100104 member: uid=tuser,ou=People,dc=example,dc=com ---------------------------------------------------- 5. LDAP Client: After SSSD cache expiry run the id command again. # id tuser uid=2002(tuser) gid=2002(tuser) groups=2002(tuser),100104 Actual results: gidNumber is not mapped to any name. Expected results: gidNumber should display the new groupname after SSSD cache expiry. Additional info:
Fields changed
blockedby: => blocking: => changelog: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => mark: no => 0 milestone: NEEDS_TRIAGE => SSSD 1.14 beta review: True => 0 selected: => testsupdated: => 0
We might need to do this sooner, moving up
milestone: SSSD 1.14 beta => NEEDS_TRIAGE sensitive: => 0
I suggest we close this one as a duplicate of the ticket that tracks removing database completely with sss_cache.
milestone: NEEDS_TRIAGE => SSSD 1.15 beta
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD Future releases (no date set yet)
Metadata Update from @jhrozek: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1220767, https://bugzilla.redhat.com/show_bug.cgi?id=1378134 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1220767)
Issue linked to Bugzilla: Bug 1378134
Metadata Update from @jhrozek: - Custom field design_review reset (from 0) - Custom field mark reset (from 0) - Custom field patch reset (from 0) - Custom field review reset (from 0) - Custom field sensitive reset (from 0) - Custom field testsupdated reset (from 0) - Issue assigned to fidencio - Issue close_status updated to: None - Issue set to the milestone: SSSD 1.16.0 (was: SSSD Future releases (no date set yet)) - Issue tagged with: PR
btw since there is a PR, we might as well push to 1.15.x when the PR is merged.
Metadata Update from @jhrozek: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field patch reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false)
Since we are required to release a new upstream tarball no later than Friday Oct-20, I'm moving tickets that will not be closed by that date to the next milestone, 1.16.1
Metadata Update from @jhrozek: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field patch reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false) - Issue set to the milestone: SSSD 1.16.1 (was: SSSD 1.16.0)
Metadata Update from @jhrozek: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field patch reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false) - Issue tagged with: postpone-to-1-16-2
Metadata Update from @jhrozek: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field patch reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false) - Issue set to the milestone: SSSD 1.16.2 (was: SSSD 1.16.1)
Metadata Update from @jhrozek: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field patch reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false) - Issue untagged with: postpone-to-1-16-2
master: 851d312 709c42f ccd349f d2633d9 a537df2 a2e743c 514b2be 35d6fb7 ba2d5f7
Metadata Update from @fidencio: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field patch reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false)
Metadata Update from @fidencio: - Custom field design_review reset (from false) - Custom field mark reset (from false) - Custom field patch reset (from false) - Custom field review reset (from false) - Custom field sensitive reset (from false) - Custom field testsupdated reset (from false) - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3694
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.