The nightly tests detected a regression when using the nightly build of sssd master branch. Failing tests:
test_trust.py::TestNonPosixAutoPrivateGroup::test_idoverride_with_auto_private_group[hybrid]
test_trust.py::TestPosixAutoPrivateGroup::test_only_uid_number_auto_private_group_default[true]
The regression was seen with PR #2251, with the following logs and report:
self = <ipatests.test_integration.test_trust.TestNonPosixAutoPrivateGroup object at 0x7fa8319aaa10> type = 'hybrid' @pytest.mark.parametrize('type', ['hybrid', 'true', "false"]) def test_idoverride_with_auto_private_group(self, type): """ Override ad trusted user in default trust view and set auto-private-groups=[hybrid,true,false] and ensure that overridden values takes effect. """ nonposixuser = "nonposixuser@%s" % self.ad_domain with self.set_idoverrideuser(nonposixuser, self.uid_override, self.gid_override ): self.mod_idrange_auto_private_group(type) > (uid, gid) = self.get_user_id(self.clients[0], nonposixuser) test_integration/test_trust.py:1110: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ test_integration/test_trust.py:138: in get_user_id test_id = host.run_command(["id", username]) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <ipatests.pytest_ipa.integration.host.Host client0.ipa.test (client)> argv = ['id', 'nonposixuser@ad.test'], set_env = True, stdin_text = None log_stdout = True, raiseonerr = True, cwd = None, bg = False, encoding = 'utf-8' ok_returncode = 0 def run_command(self, argv, set_env=True, stdin_text=None, log_stdout=True, raiseonerr=True, cwd=None, bg=False, encoding='utf-8', ok_returncode=0): """Wrapper around run_command to log stderr on raiseonerr=True :param ok_returncode: return code considered to be correct, you can pass an integer or sequence of integers """ result = super().run_command( argv, set_env=set_env, stdin_text=stdin_text, log_stdout=log_stdout, raiseonerr=False, cwd=cwd, bg=bg, encoding=encoding ) # in FIPS mode SSH may print noise to stderr, remove the string # "FIPS mode initialized" + optional newline. result.stderr_bytes = FIPS_NOISE_RE.sub(b'', result.stderr_bytes) try: result_ok = result.returncode in ok_returncode except TypeError: result_ok = result.returncode == ok_returncode if not result_ok and raiseonerr: result.log.error('stderr: %s', result.stderr_text) > raise subprocess.CalledProcessError( result.returncode, argv, result.stdout_text, result.stderr_text ) E subprocess.CalledProcessError: Command '['id', 'nonposixuser@ad.test']' returned non-zero exit status 1. pytest_ipa/integration/host.py:202: CalledProcessError ------------------------------Captured stderr call------------------------------ ipa: ERROR: stderr: id: ‘nonposixuser@ad.test’: no such user
Test scenario:
id nonposixuser@ad.test
master# id nonposixuser@ad.test uid=99999999(nonposixuser@ad.test) gid=78878787(idgroup) groups=78878787(idgroup),517400513(domain users@ad.test)
client0# id nonposixuser@ad.test id: ‘nonposixuser@ad.test’: no such user
The test was successful the previous week (PR #2232 - report) with sssd-client-2.9.0-0.221125.122823.git4a6eb258c.fc37.x86_64.
The failure was seen with sssd-client-2.9.0-0.221205.102345.git8b09c9387.fc37.x86_64.
Commits between the 2 hashes:
8b09c9387e55b177d6b1ec65afe65e354e19b96b Translations: add missing `tools/sssctl/sssctl_cert.c` and macros 664a436e9ce758554938183d1475e7353020e495 Test: gssapi test fix 80690213f25855eecfa5345f43af37226bc34458 po: update translations b0bdf712eb632f94e9925d32fb703bdfd574e11d certmap: Add documentation for some internal functions 882f560e68a881a95d7f66745a3530176bdd0a66 certmap: add LDAPU1 rules to man page 4ac53fb5ef95cd2c94f076299aa4d3213c3c9be6 certmap: add tests for new attributes and LDAPU1 rules 1303c6241bb27ef902787dcd526aeaae3417063a certmap: add LDAPU1 mapping rules 0a906107322fffc17757480f9e540796f9f181ce certmap: dump new attributes in sss_cert_dump_content() 3676a4fba473b93df2b32fb143ef0b261d04d9f6 certmap: add get_digest_list() and get_hash() 11483f1ec046f1062df68f1544e49fd59473084e sssctl: add cert-eval-rule sub-command c4085c9a7d1ec54c1b830583128148a0c7b807d8 certmap: add bin_to_hex() helper function f293507d9f6efda9908a3ec971ce7f4eac284ae1 certmap: fix for SAN URI 9e1b711b2611e7390bcbcd4a9682dd18e71c3d72 certmap: add support for SID extension 10d977a3675a8145314edea0bebd7b9ac01eda89 certamp: add support for subject key id 3f8bc8720ff871490c6a6233b1a21bc1d2018cf1 certmap: add support for serial number e4dd11f2c2cd59031f904a1e30ed5b67edbdd54f SYSDB: pre-existence of MPG group in the cache isn't an error ad0a8c6a33ea5bbad8058112b95bef00bb76d5c9 Tests: fix test_sssctl_local.py::Testsssctl::test_0002_bz1599207 51b11db8b99a77ba5ccf6f850c2e81b5a6ee9f79 pac: relax default check b3d7a4f6d4e1d4fa1bd33b296cd4301973f1860c ipa: do not add guessed principal to the cache 91789449b7a8b20056e1edfedd8f8cf92f7a0a2a PAC: allow to disable UPN check 340691fae95a2fc66c85d5da8db14f227b2c88a8 MAN: Fix option typo on sssd-kcm.8 fc3fad982e39d560a80c1a8b922455a190718cb7 Tests: Fix automount OU removal from AD.
Companion issue on sssd side: https://github.com/SSSD/sssd/issues/6485
Reproduced in testing_master_testing_selinux report
master:
ipa-4-10:
Metadata Update from @rcritten: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Metadata Update from @frenaud: - Issue status updated to: Open (was: Closed)
I'm re-opening the issue, the above commits marked the tests as xfail but the issue is still present.
ipa-4-11:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
The 2 tests are now passing with sssd 2.9.4-1
Log in to comment on this ticket.