Bug 705434
| Summary: | IPA provider fails initgroups() if user is not a member of any group | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Stephen Gallagher <sgallagh> | |
| Component: | sssd | Assignee: | Stephen Gallagher <sgallagh> | |
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 6.1 | CC: | benl, dpal, grajaiya, jgalipea, jhrozek, prc | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | sssd-1.5.1-35.el6 | Doc Type: | Bug Fix | |
| Doc Text: |
Cause: the IPA provider would report an error if it did not find any group memberships for a user during the initgroups operation
Consequence: The initgroups operation failed
Fix: the IPA provider was fixed so that it gracefully handles users without group memberships
Result: initgroups operation succeeds for users that are not members of any group
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 748834 (view as bug list) | Environment: | ||
| Last Closed: | 2011-12-06 16:38:24 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 748834 | |||
|
Description
Stephen Gallagher
2011-05-17 16:45:38 UTC
Upstream ticket https://fedorahosted.org/sssd/ticket/872 Server: # ipa user-add --first=shanks --last=r --password User login [sr]: shanks Password: Enter Password again to verify: ------------------- Added user "shanks" ------------------- User login: shanks First name: shanks Last name: r Full name: shanks r Display name: shanks r Initials: sr Home directory: /home/shanks GECOS field: shanks r Login shell: /bin/sh Kerberos principal: shanks.PNQ.REDHAT.COM UID: 63600003 GID: 63600003 Keytab: True Password: True # ipa group-remove-member ipausers --users=shanks Group name: ipausers Description: Default group for all users GID: 63600001 --------------------------- Number of members removed 1 --------------------------- # ipa user-show shanks User login: shanks First name: shanks Last name: r Home directory: /home/shanks Login shell: /bin/sh UID: 63600003 GID: 63600003 Account disabled: False Keytab: True Password: True Client: [root@ratchet ~]# su - shanks Creating home directory for shanks. -sh-4.1$ Verified. # rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.5.1 Vendor: Red Hat, Inc. Release : 53.el6 Build Date: Fri 30 Sep 2011 10:10:28 AM EDT Install Date: Mon 03 Oct 2011 08:54:42 AM EDT Build Host: hs20-bc2-3.build.redhat.com Group : Applications/System Source RPM: sssd-1.5.1-53.el6.src.rpm Size : 3551489 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
Cause: the IPA provider would report an error if it did not find any group memberships for a user during the initgroups operation
Consequence: The initgroups operation failed
Fix: the IPA provider was fixed so that it gracefully handles users without group memberships
Result: initgroups operation succeeds for users that are not members of any group
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1529.html |