Learn more about these different git repos.
Other Git URLs
A group within the ldap_group_search_base can contain a member group which is outside this search base. When SSSD then pulls down the members of that parent group it should not expand the group outside of the group search base. Currently this appears to get resolved, meaning groups from outside of the group search base are expanded.
milestone: NEEDS_TRIAGE => SSSD 1.7.0
We need to modify the RFC2307bis processing so that it checks whether groups in the 'member' attribute fall within the group search base. If they do not, they should be skipped.
owner: somebody => pbrezina
status: new => assigned
I just found out that similar issue is in netgroups code, please fix it there as well.
summary: ldap_group_search_base doesn't fully limit the group search base correctly => ldap_*_search_base doesn't fully limit the group / netgroup search base correctly
patch: 0 => 1
Fixed in master:
resolution: => fixed
status: assigned => closed
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=785908
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=785908 785908]
Metadata Update from @prefect:
- Issue assigned to pbrezina
- Issue set to the milestone: SSSD 1.7.0
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.