#3137 secrets: creating a secret in a container doesn't work
Closed: Fixed None Opened 7 years ago by jhrozek.

The container never matches. Looks like we do something wrong when searching for the parent of the container:

Breakpoint 1, local_db_check_containers (mem_ctx=0x19fa980, lctx=0x19f8760, leaf_dn=0x19fbb90)
    at /sssd/src/responder/secrets/local.c:294
294         struct ldb_result *res = NULL;
(gdb) p /r leaf_dn
$3 = (struct ldb_dn *) 0x19fbb90
(gdb) p /r *leaf_dn
$4 = {ldb = 0x19f9c60, special = false, invalid = false, valid_case = false, 
  linearized = 0x19fc890 "cn=foo,cn=keyring,cn=0,cn=users,cn=secrets", ext_linearized = 0x0, 
  casefold = 0x0, comp_num = 5, components = 0x19fc060, ext_comp_num = 0, ext_components = 0x0}
(gdb) p /r *dn
$5 = {ldb = 0x19f9c60, special = false, invalid = false, valid_case = false, 
  linearized = 0x19fb770 "cn=foo,cn=keyring,cn=0,cn=users,cn=secrets", ext_linearized = 0x0, 
  casefold = 0x0, comp_num = 5, components = 0x19fb610, ext_comp_num = 0, ext_components = 0x0}
(gdb) n
308         for (int i = 0; i < num; i++) {
(gdb) 
310             if (!ldb_dn_remove_child_components(dn, 1)) return EFAULT;
(gdb) 
313             ret = ldb_search(lctx->ldb, mem_ctx, &res, dn, LDB_SCOPE_BASE,
(gdb) p *dn
$6 = { <struct ldb_dn>  linearized:0x0 }
(gdb) p /e *dn
$7 = { <struct ldb_dn>  linearized:0x0 }
(gdb) p /r *dn
$8 = {ldb = <error reading variable>, special = <error reading variable>, invalid = <error reading variable>, valid_case = <error reading variable>, linearized = <error reading variable>, 
  ext_linearized = <error reading variable>, casefold = <error reading variable>, comp_num = <error reading variable>, components = <error reading variable>, ext_comp_num = <error reading variable>, 
  ext_components = <error reading variable>

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.14.2

Fields changed

owner: somebody => fidencio

btw I would suggest to first take the sssd-secrets out of the equation and write a simple C program that just links with libldb and munges the DNs. The goal would be to have a for-loop that chops one RDN in each iteration.

Fields changed

rhbz: => todo

Fields changed

patch: 0 => 1

resolution: => fixed
status: new => closed

Metadata Update from @jhrozek:
- Issue assigned to fidencio
- Issue set to the milestone: SSSD 1.14.2

7 years ago

SSSD is moving from Pagure to GitHub. This means that new issues and pull requests
will be accepted only in SSSD's GitHub repository.

This issue has been cloned to GitHub and is available here:
- https://github.com/SSSD/sssd/issues/4170

If you want to receive further updates on the issue, please navigate to the GitHub issue
and click on the subscribe button.

Thank you for understanding. We apologize for all inconvenience.
