Learn more about these different git repos.
Other Git URLs
Reported on sssd version 1.16.4.
https://www.adelton.com/apache/mod_lookup_identity/ relies on the org.freedesktop.sssd.infopipe.GetUserGroups call to enumerate the names of groups a specific user is a part of. However, it looks like this call fails to include the primary group as part of this enumeration? Reproducing this with the dbus-python library:
org.freedesktop.sssd.infopipe.GetUserGroups
import dbus bus = dbus.SystemBus() users_obj = bus.get_object('org.freedesktop.sssd.infopipe', '/org/freedesktop/sssd/infopipe/Users') users_iface = dbus.Interface(users_obj, 'org.freedesktop.sssd.infopipe.Users') groups_obj = bus.get_object('org.freedesktop.sssd.infopipe', '/org/freedesktop/sssd/infopipe/Groups') groups_iface = dbus.Interface(groups_obj, 'org.freedesktop.sssd.infopipe.Groups') ifp_obj = bus.get_object('org.freedesktop.sssd.infopipe', '/org/freedesktop/sssd/infopipe') ifp_iface = dbus.Interface(ifp_obj, 'org.freedesktop.sssd.infopipe') my_obj = bus.get_object('org.freedesktop.sssd.infopipe', users_iface.FindByName('myuser')) my_iface = dbus.Interface(my_obj, 'org.freedesktop.sssd.Users.User') my_iface_properties = dbus.Interface(my_obj, 'org.freedesktop.DBus.Properties') my_iface_properties.Get('org.freedesktop.sssd.infopipe.Users.User', 'groups') # dbus.Array([dbus.ObjectPath('/org/freedesktop/sssd/infopipe/Groups/--/1722'), dbus.ObjectPath('/org/freedesktop/sssd/infopipe/Groups/--/10051'), dbus.ObjectPath('/org/freedesktop/ss sd/infopipe/Groups/--/2067'), dbus.ObjectPath('/org/freedesktop/sssd/infopipe/Groups/--/1961'), dbus.ObjectPath('/org/freedesktop/sssd/infopipe/Groups/--/1932'), dbus.O bjectPath('/org/freedesktop/sssd/infopipe/Groups/--/1897')], signature=dbus.Signature('o'), variant_level=1) ifp_iface.GetUserGroups('myuser') # dbus.Array([dbus.String('web'), dbus.String('cs0000'), dbus.String('logs'), dbus.String('consult'), dbus.String('dnsadmin')], signature=dbus.Signature('s'))
The group name for group 1722 is not reported (it's name is "chpc") in the GetUserGroups call but the group is reported in the groups property of myuser.
GetUserGroups
groups
myuser
I suspect it is because 1722 is myuser's primary group (ie set as myuser's gidNumber) but myuser is not listed as a member of the group 1722.
Hi,
what's the output of id myuser and groups myuser ?
id myuser
groups myuser
bye, Sumit
id myuser: uid=1141817(myuser) gid=1722(chpc) groups=1722(chpc),1897(dnsadmin),1932(consult),1961(logs),2067(cs0000),10051(chpcweb) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
uid=1141817(myuser) gid=1722(chpc) groups=1722(chpc),1897(dnsadmin),1932(consult),1961(logs),2067(cs0000),10051(chpcweb) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
groups myuser: chpc dnsadmin consult logs cs0000 chpcweb
chpc dnsadmin consult logs cs0000 chpcweb
Metadata Update from @thalman: - Issue tagged with: Future milestone
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/5112
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @pbrezina: - Issue close_status updated to: cloned-to-github - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.