Learn more about these different git repos.
Other Git URLs
This looks even like a regression to me, because with today's master, calling initgroups for root triggers an LDAP lookup:
(Thu Aug 3 10:14:12 2017) [sssd[nss]] [nss_getby_name] (0x0400): Input name: root (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_set_plugin] (0x2000): CR #0: Setting "Initgroups by name" plugin (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_send] (0x0400): CR #0: New request 'Initgroups by name' (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_process_input] (0x0400): CR #0: Parsing input name [root] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [sss_parse_name_for_domains] (0x0200): name 'root' matched without domain, user is root (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_set_name] (0x0400): CR #0: Setting name [root] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_select_domains] (0x0400): CR #0: Performing a multi-domain search (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_domains] (0x0400): CR #0: Search will check the cache and check the data provider (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_validate_domain_type] (0x2000): Request type POSIX-only for domain ipa.test type POSIX is valid (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_set_domain] (0x0400): CR #0: Using domain [ipa.test] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_prepare_domain_data] (0x0400): CR #0: Preparing input data for domain [ipa.test] rules (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_send] (0x0400): CR #0: Looking up root@ipa.test (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: Checking negative cache for [root@ipa.test] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/ipa.test/root@ipa.test] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: [root@ipa.test] does not exist (negative cache) (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_validate_domain_type] (0x2000): Request type POSIX-only for domain win.trust.test type POSIX is valid (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_set_domain] (0x0400): CR #0: Using domain [win.trust.test] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_prepare_domain_data] (0x0400): CR #0: Preparing input data for domain [win.trust.test] rules (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_send] (0x0400): CR #0: Looking up root@win.trust.test (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: Checking negative cache for [root@win.trust.test] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/win.trust.test/root@win.trust.test] (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: [root@win.trust.test] is not present in negative cache (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_cache] (0x0400): CR #0: Looking up [root@win.trust.test] in cache (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_callback": 0x886c30 (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_timeout": 0x886cf0 (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Running timer event 0x886c30 "ltdb_callback" (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Destroying timer event 0x886cf0 "ltdb_timeout" (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Ending timer event 0x886c30 "ltdb_callback" (Thu Aug 3 10:14:12 2017) [sssd[nss]] [sysdb_search_override_by_name] (0x0400): No user override found for name [root@win.trust.test]. (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_callback": 0x884f50 (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_timeout": 0x887dd0 (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Running timer event 0x884f50 "ltdb_callback" (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Destroying timer event 0x887dd0 "ltdb_timeout" (Thu Aug 3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Ending timer event 0x884f50 "ltdb_callback" (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_cache] (0x0400): CR #0: Object [root@win.trust.test] was not found in cache (Thu Aug 3 10:14:12 2017) [sssd[nss]] [cache_req_search_dp] (0x0400): CR #0: Looking up [root@win.trust.test] in data provider
I even have explicit filter_users = root in the nss section, but it doesn't appear to work
Metadata Update from @jhrozek: - Issue assigned to fidencio
Metadata Update from @jhrozek: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1479983
Issue linked to Bugzilla: Bug 1479983
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.15.4 - Issue tagged with: regression
PR: https://pagure.io/SSSD/sssd/issue/3460
Metadata Update from @fidencio: - Custom field patch adjusted to on
Metadata Update from @jhrozek: - Issue tagged with: PR
master:
Metadata Update from @jhrozek: - Issue untagged with: regression - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Metadata Update from @jhrozek: - Issue priority set to: major
sssd-1-14:
sssd-1-13:
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4486
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.