#3491 pysss_nss_idmap: py3 constants defined as strings or bytes
Closed: Fixed 2 years ago Opened 2 years ago by frenaud.

Using python3-libsss_nss_idmap 1.15.3-1.fc26 from copr freeipa/freeipa-master

pysss_nss_idmap.SID_KEY, pysss_nss_idmap.TYPE_KEY and pysss_nss_idmap.NAME_KEY are defined as strings ('sid', 'type' and 'name') but cannot be used as keys in the results returned by pysss_nss_idmap.getsidbyname or pysss_nss_idmap.getnamebysid.

For instance, the output of getnamebysid looks like: {b'name': 'userlogin@domain.com', b'type': 3}
and result.get(pysss_nss_idmap.TYPE_KEY) or result.get(pysss_nss_idmap.NAME_KEY) fail.

The output of getsidbyname looks like: {'userlogin@domain.com': {b'sid': 'S-1-5-21-4185955025-1922848022-3738247038-1116', b'type': 3}}.

There is a mismatch between the constant types and the key types.

In order to reproduce the issue:
install ipa server, create a winsync replication agreement, then add a trust to AD and use ipa-winsync-migrate with python3 -bbE. The tool displays for each user entry to migrate:
Migration failed: userlogin@domain.com (Comparison between bytes and string)


I've provided a simple test build for flo and I'll assign the bug to myself and propose a proper fix in case my test build works for her.

Otherwise, someone else can feel free to take it over (as the solution wasn't as simple as I thought) :-)

Metadata Update from @fidencio:
- Issue assigned to fidencio

2 years ago

@frenaud Can you help me with assessing the impact? Is this something to backport to RHEL before the next release in an asynchronous update?

Metadata Update from @fidencio:
- Custom field patch adjusted to on

2 years ago

Metadata Update from @jhrozek:
- Issue tagged with: PR

2 years ago

Metadata Update from @jhrozek:
- Issue close_status updated to: Fixed
- Issue set to the milestone: SSSD 1.15.4
- Issue status updated to: Closed (was: Open)

2 years ago

@frenaud Can you help me with assessing the impact? Is this something to backport to RHEL before the next release in an asynchronous update?

rhel does not have python3-libipa_hbac

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)

2 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4517

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata