Bug 874673

Summary: user id lookup fails using proxy provider
Product: Red Hat Enterprise Linux 6 Reporter: Kaushik Banerjee <kbanerje>
Component: sssdAssignee: Jakub Hrozek <jhrozek>
Status: CLOSED ERRATA QA Contact: Kaushik Banerjee <kbanerje>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4CC: grajaiya, jgalipea, pbrezina
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: sssd-1.9.2-27.el6 Doc Type: Bug Fix
Doc Text:
No documentation needed.
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-02-21 09:39:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 881827    

Description Kaushik Banerjee 2012-11-08 15:57:03 UTC
Description of problem:
user id lookup fails with proxy provider

Version-Release number of selected component (if applicable):
1.9.2-7

How reproducible:
Always

Steps to Reproduce:
1. Add a user and group in ldap as:
Group1 --> puser1

2. Setup sssd.conf for proxy provider as:
[domain/PROXY]
id_provider = proxy
debug_level = 0xFFF0
proxy_lib_name = ldap
proxy_pam_target = sssdproxyldap

3. # getent group Group1
Group1:*:2001:puser1

# id puser1
id: puser1: No such user

Note: You need to run it in correct order as:
# getent group Group1;id puser1
  
Actual results:
"id puser1" fails.

Expected results:
"id puser1" should work.

Additional info:
/var/log/sssd/sssd_PROXY.log shows:
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 2)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_error_to_errno] (0x0020): LDB returned unexpected error: [No such attribute]
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_add_user] (0x0400): Error: 14 (Bad address)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 1)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0040): Could not add user
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 0)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0400): Error: 14 (Bad address)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [save_user] (0x0040): Could not add user to cache
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [get_pw_name] (0x0040): proxy -> getpwnam_r failed for 'puser1' <14>: Bad address
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,14,Internal Error (Cannot make/remove an entry for the specified session)

Comment 2 Jakub Hrozek 2012-11-08 17:30:06 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1628

Comment 4 Kaushik Banerjee 2012-12-28 12:51:21 UTC
Verified in version 1.9.2-59

Output of beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: proxy-ldap_024 Looking up aliases bz874673
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

adding new entry "uid=testuser1,ou=People,dc=example,dc=com"

adding new entry "cn=testgroup1,ou=Groups,dc=example,dc=com"

Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[  OK  ]
:: [05:47:31] ::  Sleeping for 5 seconds
testgroup1:*:32300:testuser1
:: [   PASS   ] :: Running 'getent group testgroup1'
uid=32300(testuser1) gid=32300(testgroup1) groups=32300(testgroup1)
:: [   PASS   ] :: Running 'id testuser1'
testuser1:*:32300:32300:TestUser1:/export/testuser1:
:: [   PASS   ] :: Running 'getent passwd testuser1'
testgroup1:*:32300:testuser1
:: [   PASS   ] :: Running 'getent group testgroup1_alias'
testuser1:*:32300:32300:TestUser1:/export/testuser1:
:: [   PASS   ] :: Running 'getent passwd testuser1_alias'
'd4d69618-4d5d-4e9d-b2e6-a32c1d58d960'
proxy-ldap-024-Looking-up-aliases-bz874673 result: PASS

Comment 5 errata-xmlrpc 2013-02-21 09:39:59 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html