Bug 1213716
| Summary: | idoverridegroup for ipa group with --group-name does not work | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Steeve Goveas <sgoveas> | ||||||
| Component: | sssd | Assignee: | Sumit Bose <sbose> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Kaushik Banerjee <kbanerje> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | 6.7 | CC: | grajaiya, jgalipea, jhrozek, lslebodn, mkosek, mzidek, nsoman, pbrezina, preichl, sbose | ||||||
| Target Milestone: | rc | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | sssd-1.12.4-33.el6 | Doc Type: | Bug Fix | ||||||
| Doc Text: |
Do not document.
|
Story Points: | --- | ||||||
| Clone Of: | |||||||||
| : | 1214716 (view as bug list) | Environment: | |||||||
| Last Closed: | 2015-07-22 06:44:10 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 1214716 | ||||||||
| Attachments: |
|
||||||||
Created attachment 1016693 [details]
sssd domain logs
Created attachment 1016694 [details]
sssd nss logs
Upstream ticket: https://fedorahosted.org/sssd/ticket/2631 Fixed upstream:
master: 605dc7fcc848dffb7c9d270c864c70e6dff1242e
sssd-1-12: 1b2119aab14a4ea3ca6de0d29a661b2825bfec8d
Verified in version
[root@vm-idm-018 ~]# rpm -q sssd
sssd-1.12.4-38.el6.x86_64
On server
[root@sideswipe ~]# ipa group-find grp
----------------
2 groups matched
----------------
Group name: grp1
GID: 1902400006
Member users: ipauser1
Group name: grp2
GID: 1902400007
Member users: ipauser1
----------------------------
Number of entries returned 2
----------------------------
[root@sideswipe ~]# ipa idoverridegroup-add hostview grp2 --group-name ipagrp2
------------------------------
Added Group ID override "grp2"
------------------------------
Anchor to override: grp2
Group name: ipagrp2
[root@sideswipe ~]# service sssd stop ; rm -f /var/lib/sss/{db,mc}/* ; service sssd start
Redirecting to /bin/systemctl stop sssd.service
Redirecting to /bin/systemctl start sssd.service
[root@sideswipe ~]# ipa idview-show hostview --show-hosts
ID View Name: hostview
Group object overrides: grp2
Hosts the view applies to: vm-idm-018.ipaviews.test
On Client
[root@vm-idm-018 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start
Stopping sssd: [ OK ]
Starting sssd: [ OK ]
[root@vm-idm-018 ~]# getent group ipagrp2
ipagrp2:*:1902400007:ipauser1
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1448.html |
Description of problem: idoverridegroup with --group-name for a ipa group does not work Version-Release number of selected component (if applicable): [root@ibm-x3250m4-04 ~]# rpm -q sssd sssd-1.12.4-29.el6.x86_64 How reproducible: always Steps to Reproduce: On server [root@sideswipe ~]# ipa idoverridegroup-add hostview grp2 --group-name ipagrp2 ------------------------------ Added Group ID override "grp2" ------------------------------ Anchor to override: grp2 Group name: ipagrp2 [root@sideswipe ~]# service sssd stop ; rm -f /var/lib/sss/{db,mc}/* ; service sssd start Redirecting to /bin/systemctl stop sssd.service Redirecting to /bin/systemctl start sssd.service [root@sideswipe ~]# ipa idview-show hostview --show-hosts ID View Name: hostview User object overrides: aduser2, ipauser1 Group object overrides: grp1, grp2 Hosts the view applies to: ibm-x3250m4-04.ipaviews.test On Client [root@ibm-x3250m4-04 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start Stopping sssd: [ OK ] Starting sssd: [ OK ] [root@ibm-x3250m4-04 ~]# hostname ibm-x3250m4-04.ipaviews.test [root@ibm-x3250m4-04 ~]# getent group ipagrp2 ; echo $? 2 [root@ibm-x3250m4-04 ~]# getent group ipagrp2 ; echo $? 2 [root@ibm-x3250m4-04 ~]# getent group ipagrp2 ; echo $? 2 [root@ibm-x3250m4-04 ~]# getent group grp2 ipagrp2:*:1902400007:user1 [root@ibm-x3250m4-04 ~]# getent group ipagrp2 ; echo $? ipagrp2:*:1902400007:user1 0