Bug 1259512

Summary: sss_override : The local override user is not found
Product: Red Hat Enterprise Linux 7 Reporter: Dan Lavu <dlavu>
Component: sssdAssignee: Pavel Březina <pbrezina>
Status: CLOSED ERRATA QA Contact: Dan Lavu <dlavu>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: grajaiya, jgalipea, jhrozek, lslebodn, mkosek, mzidek, pbrezina, preichl, sgoveas, tlavigne
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.13.0-29.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-19 11:40:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
sssd_logs none

Description Dan Lavu 2015-09-02 20:32:49 UTC 
Description of problem:

When using sss_override the local override user is not found

Version-Release number of selected component (if applicable):
sssd-client-1.13.0-24.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Add AD user to override 

[root@rhel72 ~]#  sss_override user-add dlavu  -n dlavu1 
SSSD needs to be restarted for the changes to take effect.

2. restart sssd
3. get entry on user

Actual results:
root@rhel72 ~]# getent passwd dlavu1
no results

Expected results:
User is found 

*NOTE* Searching by the original name, the user is found and the override is viewed correctly

[root@rhel72 ~]# getent passwd dlavu
dlavu1@sssd2012.com:*:349001105:349000513:Dan Lavu:/home/dlavu1:/bin/bash


Additional info:

Logs are attached.
Comment 2 Dan Lavu 2015-09-02 20:37:39 UTC 
Created attachment 1069589 [details]
sssd_logs
Comment 3 Pavel Březina 2015-09-03 10:40:32 UTC 
You should not use fqn in --name. The correct command is:

sss_override user-add dlavu  -n dlavu1

The question is, is it something we want to change?
Comment 4 Dan Lavu 2015-09-03 10:58:09 UTC 
Okay, that does work but it is confusing. Either we document it better or we change it to accept the same format.
Comment 5 Jakub Hrozek 2015-09-05 15:28:55 UTC 
Upstream ticket:
https://fedorahosted.org/sssd/ticket/2782
Comment 6 Jakub Hrozek 2015-09-05 20:36:58 UTC 
Marking as exception? 

Rationale - the fix for this issue would be easy and low-risk. At the same time, this bug deviates sssd's behaviour from the proprietary tool we'd like to displace.

Please ack for 7.2 exception. Thank you!
Comment 7 Pavel Březina 2015-09-15 10:52:09 UTC 
Patch is awaiting review.
Comment 8 Jakub Hrozek 2015-09-16 14:54:28 UTC 
* master: 4649f19ea4b11c428ca75803beda8d495a0c9335
Comment 11 Dan Lavu 2015-09-22 16:44:11 UTC 
Verified against sssd-ad-1.13.0-33.el7.x86_64. 

[root@sssd1-13-0-29 ~]# sss_override user-add -n dlavu123 dlavu
SSSD needs to be restarted for the changes to take effect.


[root@sssd1-13-0-29 ~]# service sssd restart
Redirecting to /bin/systemctl restart  sssd.service


[root@sssd1-13-0-29 ~]# getent passwd dlavu123
dlavu123:*:768001104:768000513:Dan Lavu:/home/dlavu123:/bin/bash
Comment 12 errata-xmlrpc 2015-11-19 11:40:16 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-2355.html