Learn more about these different git repos.
Other Git URLs
We are de-emphasizing the local domain in favor of the files domain. There is no point in offering a python interface for the local domain. We should just remove it.
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 2.0
Metadata Update from @jhrozek: - Issue tagged with: breaks compatibility
PR:https://github.com/SSSD/sssd/pull/430
Metadata Update from @jhrozek: - Issue priority set to: minor
PR: part of https://github.com/SSSD/sssd/pull/611
Metadata Update from @fidencio: - Issue assigned to fidencio
Metadata Update from @fidencio: - Issue tagged with: PR
Fixed as part of: 0e211b8 82d51b7 b8946c4 c075e28 15342eb 5a87af9 a24f0c2 2e8fe6a 728e4be 99b5bb5 a8a9e66 064ca0b 6ebcc59 35a200d 2243b34 7d48373
Metadata Update from @jhrozek: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Unfortunately, FreeIPA does use this interface and now we are broken:
[root@cloud-qe-19 ~]# ipa hbactest --host=cloud-qe-19.octy120.test --service=sshd --user='IPAAD2016\aduser1' ipa: ERROR: an internal error has occurred [root@cloud-qe-19 ~]# tail -30 /var/log/httpd/error_log [Wed Oct 24 03:03:47.477681 2018] [wsgi:error] [pid 8771:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: Destroyed connection context.ldap2_140573265369968 [Wed Oct 24 03:03:47.493424 2018] [:warn] [pid 8775:tid 140573163890432] [client 10.19.34.59:34812] failed to set perms (3140) on file (/var/run/ipa/ccaches/admin@OCTY120.TEST)!, referer: https://cloud-qe-19.octy120.test/ipa/xml [Wed Oct 24 03:03:47.493951 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: WSGI wsgi_dispatch.__call__: [Wed Oct 24 03:03:47.494025 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: WSGI jsonserver_session.__call__: [Wed Oct 24 03:03:47.526543 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: Created connection context.ldap2_140573265365760 [Wed Oct 24 03:03:47.526616 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: WSGI jsonserver.__call__: [Wed Oct 24 03:03:47.526666 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: WSGI WSGIExecutioner.__call__: [Wed Oct 24 03:03:47.526915 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: raw: hbactest(user='IPAAD2016\\\\aduser1', targethost='cloud-qe-19.octy120.test', service='sshd', version='2.230') [Wed Oct 24 03:03:47.527093 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: hbactest(user='IPAAD2016\\\\aduser1', targethost='cloud-qe-19.octy120.test', service='sshd', nodetail=False, enabled=False, disabled=False, version='2.230') [Wed Oct 24 03:03:47.527386 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: raw: hbacrule_find(None, sizelimit=None, version='2.230', no_members=False) [Wed Oct 24 03:03:47.527566 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: hbacrule_find(None, sizelimit=None, all=False, raw=False, version='2.230', no_members=False, pkey_only=False) [Wed Oct 24 03:03:47.529372 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: retrieving schema for SchemaCache url=ldapi://%2fvar%2frun%2fslapd-OCTY120-TEST.socket conn=<ldap.ldapobject.SimpleLDAPObject object at 0x7fd9c2fb3e80> [Wed Oct 24 03:03:47.717473 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: ERROR: non-public: AttributeError: module 'pysss' has no attribute 'getgrouplist' [Wed Oct 24 03:03:47.717492 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] Traceback (most recent call last): [Wed Oct 24 03:03:47.717495 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] File "/usr/lib/python3.6/site-packages/ipaserver/rpcserver.py", line 370, in wsgi_execute [Wed Oct 24 03:03:47.717499 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] result = command(*args, **options) [Wed Oct 24 03:03:47.717501 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 450, in __call__ [Wed Oct 24 03:03:47.717504 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] return self.__do_call(*args, **options) [Wed Oct 24 03:03:47.717510 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 478, in __do_call [Wed Oct 24 03:03:47.717514 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ret = self.run(*args, **options) [Wed Oct 24 03:03:47.717516 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] File "/usr/lib/python3.6/site-packages/ipalib/frontend.py", line 800, in run [Wed Oct 24 03:03:47.717519 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] return self.execute(*args, **options) [Wed Oct 24 03:03:47.717522 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] File "/usr/lib/python3.6/site-packages/ipaserver/plugins/hbactest.py", line 410, in execute [Wed Oct 24 03:03:47.717525 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] user_sid, group_sids = domain_validator.get_trusted_domain_user_and_groups(options['user']) [Wed Oct 24 03:03:47.717527 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] File "/usr/lib/python3.6/site-packages/ipaserver/dcerpc.py", line 614, in get_trusted_domain_user_and_groups [Wed Oct 24 03:03:47.717530 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] group_list = pysss.getgrouplist(object_name) [Wed Oct 24 03:03:47.717534 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] AttributeError: module 'pysss' has no attribute 'getgrouplist' [Wed Oct 24 03:03:47.717541 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] [Wed Oct 24 03:03:47.717668 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: INFO: [jsonserver_session] admin@OCTY120.TEST: hbactest/1(user='IPAAD2016\\\\aduser1', targethost='cloud-qe-19.octy120.test', service='sshd', version='2.230'): InternalError [Wed Oct 24 03:03:47.718159 2018] [wsgi:error] [pid 8774:tid 140573238957824] [remote 10.19.34.59:34812] ipa: DEBUG: Destroyed connection context.ldap2_140573265365760
Metadata Update from @jhrozek: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1642372
Issue linked to Bugzilla: Bug 1642372
This re-adds the getgroupslist() api
Metadata Update from @jhrozek: - Issue set to the milestone: None (was: SSSD 2.0)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4519
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.