#3460 id root triggers an LDAP lookup
Closed: Fixed 2 years ago Opened 2 years ago by jhrozek.

This looks even like a regression to me, because with today's master, calling initgroups for root triggers an LDAP lookup:

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [nss_getby_name] (0x0400): Input name: root
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_set_plugin] (0x2000): CR #0: Setting "Initgroups by name" plugin
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_send] (0x0400): CR #0: New request 'Initgroups by name'
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_process_input] (0x0400): CR #0: Parsing input name [root]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [sss_parse_name_for_domains] (0x0200): name 'root' matched without domain, user is root
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_set_name] (0x0400): CR #0: Setting name [root]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_select_domains] (0x0400): CR #0: Performing a multi-domain search
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_domains] (0x0400): CR #0: Search will check the cache and check the data provider
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_validate_domain_type] (0x2000): Request type POSIX-only for domain ipa.test type POSIX is valid
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_set_domain] (0x0400): CR #0: Using domain [ipa.test]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_prepare_domain_data] (0x0400): CR #0: Preparing input data for domain [ipa.test] rules
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_send] (0x0400): CR #0: Looking up root@ipa.test
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: Checking negative cache for [root@ipa.test]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/ipa.test/root@ipa.test]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: [root@ipa.test] does not exist (negative cache)
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_validate_domain_type] (0x2000): Request type POSIX-only for domain win.trust.test type POSIX is valid
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_set_domain] (0x0400): CR #0: Using domain [win.trust.test]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_prepare_domain_data] (0x0400): CR #0: Preparing input data for domain [win.trust.test] rules
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_send] (0x0400): CR #0: Looking up root@win.trust.test
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: Checking negative cache for [root@win.trust.test]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/win.trust.test/root@win.trust.test]
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_ncache] (0x0400): CR #0: [root@win.trust.test] is not present in negative cache
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_cache] (0x0400): CR #0: Looking up [root@win.trust.test] in cache
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_callback": 0x886c30

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_timeout": 0x886cf0

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Running timer event 0x886c30 "ltdb_callback"

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Destroying timer event 0x886cf0 "ltdb_timeout"

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Ending timer event 0x886c30 "ltdb_callback"

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [sysdb_search_override_by_name] (0x0400): No user override found for name [root@win.trust.test].
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_callback": 0x884f50

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Added timed event "ltdb_timeout": 0x887dd0

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Running timer event 0x884f50 "ltdb_callback"

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Destroying timer event 0x887dd0 "ltdb_timeout"

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [ldb] (0x4000): Ending timer event 0x884f50 "ltdb_callback"

(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_cache] (0x0400): CR #0: Object [root@win.trust.test] was not found in cache
(Thu Aug  3 10:14:12 2017) [sssd[nss]] [cache_req_search_dp] (0x0400): CR #0: Looking up [root@win.trust.test] in data provider

I even have explicit filter_users = root in the nss section, but it doesn't appear to work


Metadata Update from @jhrozek:
- Issue assigned to fidencio

2 years ago

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1479983

2 years ago

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1479983

2 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.15.4
- Issue tagged with: regression

2 years ago

Metadata Update from @fidencio:
- Custom field patch adjusted to on

2 years ago

Metadata Update from @jhrozek:
- Issue tagged with: PR

2 years ago

Metadata Update from @jhrozek:
- Issue untagged with: regression
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

Metadata Update from @jhrozek:
- Issue priority set to: major

2 years ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)

a year ago

Login to comment on this ticket.

Metadata