Bug 1139044
Summary: | RHEL6.6 ipa user private group not found | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Scott Poore <spoore> |
Component: | sssd | Assignee: | Martin Kosek <mkosek> |
Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 6.6 | CC: | dpal, grajaiya, jgalipea, jhrozek, lslebodn, mkosek, pbrezina, preichl, rcritten, tlavigne |
Target Milestone: | rc | Keywords: | Regression |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | sssd-1.11.6-30.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-10-14 04:49:39 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Scott Poore
2014-09-07 19:26:05 UTC
As a historical note, it was an architectual decision that user-private groups do not have the groupofnames objectclass. This is because this group can have no members. Upstream ticket: https://fedorahosted.org/sssd/ticket/2436 Pushed upstream: master: 6f91c61426c8cfbfec52d5e77ae4650007694e69 7ba70236daccb48432350147d0560b3302518cee sssd-1-11: cfa74fcb5f6ba23f41a9ddaa76c3ebae6156da86 9e99c000a4e2647328e71b4db272b4b73a7189c5 Verified. First, confirmed bug: [root@rhel6-1 yum.local.d]# ipa user-add bz1139044user1 --first=f --last=l --------------------------- Added user "bz1139044user1" --------------------------- User login: bz1139044user1 First name: f Last name: l Full name: f l Display name: f l Initials: fl Home directory: /home/bz1139044user1 GECOS field: f l Login shell: /bin/sh Kerberos principal: bz1139044user1 Email address: bz1139044user1 UID: 1145200001 GID: 1145200001 Password: False Kerberos keys available: False [root@rhel6-1 yum.local.d]# ipa passwd bz1139044user1 New Password: Enter New Password again to verify: --------------------------------------------------- Changed password for "bz1139044user1" --------------------------------------------------- [root@rhel6-1 yum.local.d]# kinit bz1139044user1 Password for bz1139044user1: Password expired. You must change it now. Enter new password: Enter it again: [root@rhel6-1 yum.local.d]# ssh -l bz1139044user1 $(hostname) Could not chdir to home directory /home/bz1139044user1: No such file or directory id: cannot find name for group ID 1145200001 -sh-4.1$ id uid=1145200001(bz1139044user1) gid=1145200001 groups=1145200001 context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 -sh-4.1$ exit Then update SSSD: [root@rhel6-1 yum.repos.d]# yum update sssd Loaded plugins: product-id, subscription-manager This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register. Setting up Update Process beaker-client | 1.5 kB 00:00 beaker-client/primary | 12 kB 00:00 beaker-client 55/55 beaker-rhel-6.6-latest-optional | 3.8 kB 00:00 beaker-rhel-6.6-latest-optional/primary_db | 1.2 MB 00:02 beaker-rhel-6.6-latest-server | 4.1 kB 00:00 beaker-rhel-6.6-latest-server/primary_db | 3.1 MB 00:04 mylocal | 2.9 kB 00:00 ... mylocal/primary_db | 47 kB 00:00 ... Resolving Dependencies --> Running transaction check ---> Package sssd.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd.x86_64 0:1.11.6-30.el6 will be an update --> Processing Dependency: sssd-proxy = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Processing Dependency: sssd-ldap = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Processing Dependency: sssd-krb5 = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Processing Dependency: sssd-ipa = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Processing Dependency: sssd-common-pac = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Processing Dependency: sssd-common = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Processing Dependency: sssd-ad = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Processing Dependency: python-sssdconfig = 1.11.6-30.el6 for package: sssd-1.11.6-30.el6.x86_64 --> Running transaction check ---> Package python-sssdconfig.noarch 0:1.11.6-29.el6 will be updated ---> Package python-sssdconfig.noarch 0:1.11.6-30.el6 will be an update ---> Package sssd-ad.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-ad.x86_64 0:1.11.6-30.el6 will be an update --> Processing Dependency: sssd-krb5-common = 1.11.6-30.el6 for package: sssd-ad-1.11.6-30.el6.x86_64 ---> Package sssd-common.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-common.x86_64 0:1.11.6-30.el6 will be an update --> Processing Dependency: sssd-client(x86-64) = 1.11.6-30.el6 for package: sssd-common-1.11.6-30.el6.x86_64 --> Processing Dependency: libsss_idmap(x86-64) = 1.11.6-30.el6 for package: sssd-common-1.11.6-30.el6.x86_64 ---> Package sssd-common-pac.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-common-pac.x86_64 0:1.11.6-30.el6 will be an update ---> Package sssd-ipa.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-ipa.x86_64 0:1.11.6-30.el6 will be an update --> Processing Dependency: libipa_hbac(x86-64) = 1.11.6-30.el6 for package: sssd-ipa-1.11.6-30.el6.x86_64 ---> Package sssd-krb5.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-krb5.x86_64 0:1.11.6-30.el6 will be an update ---> Package sssd-ldap.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-ldap.x86_64 0:1.11.6-30.el6 will be an update ---> Package sssd-proxy.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-proxy.x86_64 0:1.11.6-30.el6 will be an update --> Running transaction check ---> Package libipa_hbac.x86_64 0:1.11.6-29.el6 will be updated --> Processing Dependency: libipa_hbac = 1.11.6-29.el6 for package: libipa_hbac-python-1.11.6-29.el6.x86_64 ---> Package libipa_hbac.x86_64 0:1.11.6-30.el6 will be an update ---> Package libsss_idmap.x86_64 0:1.11.6-29.el6 will be updated ---> Package libsss_idmap.x86_64 0:1.11.6-30.el6 will be an update ---> Package sssd-client.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-client.x86_64 0:1.11.6-30.el6 will be an update ---> Package sssd-krb5-common.x86_64 0:1.11.6-29.el6 will be updated ---> Package sssd-krb5-common.x86_64 0:1.11.6-30.el6 will be an update --> Running transaction check ---> Package libipa_hbac-python.x86_64 0:1.11.6-29.el6 will be updated ---> Package libipa_hbac-python.x86_64 0:1.11.6-30.el6 will be an update --> Finished Dependency Resolution Dependencies Resolved ======================================================================================================= Package Arch Version Repository Size ======================================================================================================= Updating: sssd x86_64 1.11.6-30.el6 mylocal 87 k Updating for dependencies: libipa_hbac x86_64 1.11.6-30.el6 mylocal 92 k libipa_hbac-python x86_64 1.11.6-30.el6 mylocal 87 k libsss_idmap x86_64 1.11.6-30.el6 mylocal 97 k python-sssdconfig noarch 1.11.6-30.el6 mylocal 119 k sssd-ad x86_64 1.11.6-30.el6 mylocal 141 k sssd-client x86_64 1.11.6-30.el6 mylocal 127 k sssd-common x86_64 1.11.6-30.el6 mylocal 831 k sssd-common-pac x86_64 1.11.6-30.el6 mylocal 120 k sssd-ipa x86_64 1.11.6-30.el6 mylocal 194 k sssd-krb5 x86_64 1.11.6-30.el6 mylocal 109 k sssd-krb5-common x86_64 1.11.6-30.el6 mylocal 159 k sssd-ldap x86_64 1.11.6-30.el6 mylocal 166 k sssd-proxy x86_64 1.11.6-30.el6 mylocal 115 k Transaction Summary ======================================================================================================= Upgrade 14 Package(s) Total download size: 2.4 M Is this ok [y/N]: y Downloading Packages: ------------------------------------------------------------------------------------------------------- Total 72 MB/s | 2.4 MB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Updating : libsss_idmap-1.11.6-30.el6.x86_64 1/28 Updating : libipa_hbac-1.11.6-30.el6.x86_64 2/28 Updating : python-sssdconfig-1.11.6-30.el6.noarch 3/28 Updating : sssd-client-1.11.6-30.el6.x86_64 4/28 Updating : sssd-common-1.11.6-30.el6.x86_64 5/28 Updating : sssd-krb5-common-1.11.6-30.el6.x86_64 6/28 Updating : sssd-common-pac-1.11.6-30.el6.x86_64 7/28 Updating : sssd-ad-1.11.6-30.el6.x86_64 8/28 Updating : sssd-ipa-1.11.6-30.el6.x86_64 9/28 Updating : sssd-ldap-1.11.6-30.el6.x86_64 10/28 Updating : sssd-krb5-1.11.6-30.el6.x86_64 11/28 Updating : sssd-proxy-1.11.6-30.el6.x86_64 12/28 Updating : sssd-1.11.6-30.el6.x86_64 13/28 Updating : libipa_hbac-python-1.11.6-30.el6.x86_64 14/28 Cleanup : sssd-1.11.6-29.el6.x86_64 15/28 Cleanup : sssd-ipa-1.11.6-29.el6.x86_64 16/28 Cleanup : sssd-ad-1.11.6-29.el6.x86_64 17/28 Cleanup : sssd-common-pac-1.11.6-29.el6.x86_64 18/28 Cleanup : sssd-krb5-1.11.6-29.el6.x86_64 19/28 Cleanup : sssd-ldap-1.11.6-29.el6.x86_64 20/28 Cleanup : sssd-krb5-common-1.11.6-29.el6.x86_64 21/28 Cleanup : sssd-proxy-1.11.6-29.el6.x86_64 22/28 Cleanup : sssd-common-1.11.6-29.el6.x86_64 23/28 Cleanup : libipa_hbac-python-1.11.6-29.el6.x86_64 24/28 Cleanup : python-sssdconfig-1.11.6-29.el6.noarch 25/28 Cleanup : libipa_hbac-1.11.6-29.el6.x86_64 26/28 Cleanup : libsss_idmap-1.11.6-29.el6.x86_64 27/28 Cleanup : sssd-client-1.11.6-29.el6.x86_64 28/28 Verifying : sssd-client-1.11.6-30.el6.x86_64 1/28 Verifying : sssd-common-1.11.6-30.el6.x86_64 2/28 Verifying : sssd-common-pac-1.11.6-30.el6.x86_64 3/28 Verifying : sssd-1.11.6-30.el6.x86_64 4/28 Verifying : libipa_hbac-python-1.11.6-30.el6.x86_64 5/28 Verifying : sssd-ldap-1.11.6-30.el6.x86_64 6/28 Verifying : sssd-krb5-1.11.6-30.el6.x86_64 7/28 Verifying : libsss_idmap-1.11.6-30.el6.x86_64 8/28 Verifying : sssd-proxy-1.11.6-30.el6.x86_64 9/28 Verifying : sssd-krb5-common-1.11.6-30.el6.x86_64 10/28 Verifying : sssd-ad-1.11.6-30.el6.x86_64 11/28 Verifying : libipa_hbac-1.11.6-30.el6.x86_64 12/28 Verifying : python-sssdconfig-1.11.6-30.el6.noarch 13/28 Verifying : sssd-ipa-1.11.6-30.el6.x86_64 14/28 Verifying : sssd-ad-1.11.6-29.el6.x86_64 15/28 Verifying : sssd-krb5-common-1.11.6-29.el6.x86_64 16/28 Verifying : python-sssdconfig-1.11.6-29.el6.noarch 17/28 Verifying : libipa_hbac-1.11.6-29.el6.x86_64 18/28 Verifying : sssd-proxy-1.11.6-29.el6.x86_64 19/28 Verifying : libsss_idmap-1.11.6-29.el6.x86_64 20/28 Verifying : sssd-ldap-1.11.6-29.el6.x86_64 21/28 Verifying : sssd-krb5-1.11.6-29.el6.x86_64 22/28 Verifying : libipa_hbac-python-1.11.6-29.el6.x86_64 23/28 Verifying : sssd-common-1.11.6-29.el6.x86_64 24/28 Verifying : sssd-1.11.6-29.el6.x86_64 25/28 Verifying : sssd-client-1.11.6-29.el6.x86_64 26/28 Verifying : sssd-common-pac-1.11.6-29.el6.x86_64 27/28 Verifying : sssd-ipa-1.11.6-29.el6.x86_64 28/28 Updated: sssd.x86_64 0:1.11.6-30.el6 Dependency Updated: libipa_hbac.x86_64 0:1.11.6-30.el6 libipa_hbac-python.x86_64 0:1.11.6-30.el6 libsss_idmap.x86_64 0:1.11.6-30.el6 python-sssdconfig.noarch 0:1.11.6-30.el6 sssd-ad.x86_64 0:1.11.6-30.el6 sssd-client.x86_64 0:1.11.6-30.el6 sssd-common.x86_64 0:1.11.6-30.el6 sssd-common-pac.x86_64 0:1.11.6-30.el6 sssd-ipa.x86_64 0:1.11.6-30.el6 sssd-krb5.x86_64 0:1.11.6-30.el6 sssd-krb5-common.x86_64 0:1.11.6-30.el6 sssd-ldap.x86_64 0:1.11.6-30.el6 sssd-proxy.x86_64 0:1.11.6-30.el6 Complete! Then verify the actual fix works: [root@rhel6-1 yum.repos.d]# echo Secret123| kinit bz1139044user1 Password for bz1139044user1: [root@rhel6-1 yum.repos.d]# ssh -l bz1139044user1 $(hostname) id Could not chdir to home directory /home/bz1139044user1: No such file or directory uid=1145200001(bz1139044user1) gid=1145200001(bz1139044user1) groups=1145200001(bz1139044user1) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 [root@rhel6-1 yum.repos.d]# I can see the private group name resolved above. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1375.html |