Bug 640602
Summary: | sssd is not escaping correctly LDAP searches | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Dmitri Pal <dpal> |
Component: | sssd | Assignee: | Stephen Gallagher <sgallagh> |
Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 6.0 | CC: | benl, grajaiya, jgalipea, loris, sgallagh |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | sssd-1.5.0-1.el6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | 640597 | Environment: | |
Last Closed: | 2011-05-19 11:41:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 640597 | ||
Bug Blocks: | 640601 |
Description
Dmitri Pal
2010-10-06 12:55:44 UTC
On server: # user\5Ca, People, example.com dn: uid=user\5Ca,ou=People,dc=example,dc=com uidNumber: 29201 gidNumber: 29201 objectClass: top objectClass: posixAccount objectClass: inetuser cn: user\5Ca homeDirectory: /home/usera loginShell: /bin/bash uid: user\a userPassword:: U2VjcmV0MTIz # group\5Ca, Groups, example.com dn: cn=group\5Ca,ou=Groups,dc=example,dc=com gidNumber: 29201 objectClass: top objectClass: posixGroup memberUid: uid=user\5Ca,ou=People,dc=example,dc=com cn: group\a # user\5C001, People, example.com dn: uid=user\5C001,ou=People,dc=example,dc=com uidNumber: 29204 gidNumber: 29204 objectClass: top objectClass: posixAccount objectClass: inetuser cn: user001 homeDirectory: /home/user001 loginShell: /bin/bash uid: user\001 userPassword:: U2VjcmV0MTIz # group\5C001, Groups, example.com dn: cn=group\5C001,ou=Groups,dc=example,dc=com gidNumber: 29204 objectClass: top objectClass: posixGroup memberUid: uid=user\5C001,ou=People,dc=example,dc=com cn: group\001 On Client: [domain/default] id_provider = ldap auth_provider = ldap ldap_uri = ldaps://sssdldap.redhat.com:636 ldap_search_base = dc=example,dc=com ldap_tls_reqcert = demand ldap_tls_cacertdir = /etc/openldap/cacerts ldap_tls_cacert = /etc/openldap/cacerts/cacert.asc cache_credentials = true enumerate = false debug_level = 9 # id user\\a uid=29201(user\a) gid=29201(group\a) groups=29201(group\a) # id -G -n user\\a group\a # id user\\001 uid=29204(user\001) gid=29204(group\001) groups=29204(group\001) # id -G -n user\\001 group\001 # ssh -l user\\a localhost user\a@localhost's password: Creating directory '/home/usera'. Last login: Thu Apr 7 15:35:18 2011 from localhost [user\a@rhel6-1 ~]$ id uid=29201(user\a) gid=29201(group\a) groups=29201(group\a) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 Verified. # rpm -qi sssd Name : sssd Relocations: (not relocatable) Version : 1.5.1 Vendor: Red Hat, Inc. Release : 24.el6 Build Date: Sat 02 Apr 2011 01:24:54 AM IST Install Date: Tue 05 Apr 2011 11:11:29 AM IST Build Host: x86-012.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.5.1-24.el6.src.rpm Size : 3462740 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0560.html An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0560.html |