Bug 878419

Summary: sss_userdel doesn't remove entries from in-memory cache
Product: Red Hat Enterprise Linux 6
Component: sssd
Version: 6.4
Status: CLOSED ERRATA
Severity: unspecified
Priority: low
Reporter: Kaushik Banerjee <kbanerje>
Assignee: Jakub Hrozek <jhrozek>
QA Contact: Kaushik Banerjee <kbanerje>
CC: dpal, grajaiya, jgalipea, okos, pbrezina, tlavigne
Target Milestone: rc
Hardware: Unspecified
OS: Unspecified
Fixed In Version: sssd-1.9.2-63.el6
Doc Type: Bug Fix
Doc Text: No documentation needed.
Last Closed: 2013-02-21 09:40:49 UTC
Type: Bug
Bug Blocks: 888457

Description Kaushik Banerjee 2012-11-20 11:46:18 UTC
Description of problem:
sss_userdel doesn't remove entries from in-memory cache

Version-Release number of selected component (if applicable):
1.9.2-24

How reproducible:
Always

Steps to Reproduce:
1. Configure sssd for the local provider. Domain section in sssd.conf:
[domain/LOCAL]
id_provider = local

2. Add a user
# sss_useradd -u 1000 -h /home/user1000 -s /bin/bash user1000

3. Lookup the user
# getent passwd user1000
user1000:*:1000:1000:user1000:/home/user1000:/bin/bash

4. Delete the user
# sss_userdel user1000

5. Lookup the user again
# getent passwd user1000
user1000:*:1000:1000:user1000:/home/user1000:/bin/bash
  
Actual results:
User lookup returns the deleted user. This is due to the in-memory cache. ldbsearch shows that the user is deleted from the ldb cache.

Expected results:
User/Group deletion should delete them both from ldb and in-memory cache

Additional info:

Comment 2 Pavel Březina 2012-11-20 12:38:10 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1659

Comment 4 Kaushik Banerjee 2013-01-04 12:28:28 UTC
This doesn't seem fixed for fully qualified names. Re-opening.

Tested in version 1.9.2-59

Domain section in sssd.conf:
[domain/LOCAL]
id_provider = local
use_fully_qualified_names = TRUE

Test commands:
# sss_useradd testlocal1
# getent passwd testlocal1@LOCAL
testlocal1@LOCAL:*:1000:1000:testlocal1:/home/testlocal1:/bin/bash
# sss_userdel testlocal1@LOCAL
# getent passwd testlocal1@LOCAL
testlocal1@LOCAL:*:1001:1001:testlocal1:/home/testlocal1:/bin/bash
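
Added example, not part of the bug report or of SSSD: a deprovisioning check that compares the persistent sysdb (ldb) with what NSS still serves, trying both the short and the fully qualified name, so the stale-cache state from the Description and from Comment 4 is reported explicitly. The `NSS_LOOKUP` and `LDB_LOOKUP` hooks and the state names are assumptions of this example; the default commands and the sysdb path are the ones that appear in this report.

```sh
#!/bin/sh
# Added example: classify an account by comparing sysdb (ldb) with NSS.
# NSS_LOOKUP / LDB_LOOKUP are hypothetical override hooks used for offline
# testing; the defaults are the getent and ldbsearch calls from this report.
# Reading the sysdb file with ldbsearch normally requires root.
DOMAIN="${DOMAIN:-LOCAL}"
SYSDB="${SYSDB:-/var/lib/sss/db/sssd.ldb}"

nss_lookup() {   # $1 = name exactly as given to getent
    if [ -n "${NSS_LOOKUP:-}" ]; then
        "$NSS_LOOKUP" "$1"
    else
        getent -s sss passwd "$1"
    fi
}

ldb_lookup() {   # $1 = short user name
    if [ -n "${LDB_LOOKUP:-}" ]; then
        "$LDB_LOOKUP" "$1"
    else
        ldbsearch -H "$SYSDB" -b "name=$1,cn=users,cn=$DOMAIN,cn=sysdb"
    fi
}

# Prints one of: present, deleted, stale-cache, not-served
account_state() {   # $1 = short name or name@DOMAIN
    short="${1%%@*}"
    in_nss=no
    in_ldb=no
    # Check both spellings: the first fix covered only the short form.
    for n in "$short" "$short@$DOMAIN"; do
        if nss_lookup "$n" >/dev/null 2>&1; then in_nss=yes; fi
    done
    # ldbsearch prints a "dn:" line for every record it returns.
    if ldb_lookup "$short" 2>/dev/null | grep -q '^dn:'; then in_ldb=yes; fi
    case "$in_ldb/$in_nss" in
        yes/yes) echo present ;;
        no/no)   echo deleted ;;
        no/yes)  echo stale-cache ;;   # gone from ldb, still resolvable
        yes/no)  echo not-served ;;    # in ldb, but NSS returns nothing
    esac
}

# Stand-alone use: ./check.sh user1000
if [ $# -gt 0 ]; then account_state "$1"; fi
```

Anything other than `deleted` after running `sss_userdel` means the account is still visible to some consumer of NSS on that host.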

Comment 6 Kaushik Banerjee 2013-01-14 11:57:53 UTC
Verified in version 1.9.2-68

Report from beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: SSSD local-local test 013 >>> Delete LOCAL User
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'sss_userdel user1000'
:: [   PASS   ] :: LOCAL domain user1000 deleted successfully.
:: [   LOG    ] :: Duration: 0s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: SSSD local-local test 013 >>> Delete LOCAL User

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: SSSD local-local test 026 >>> Delete LOCAL Group That Has User Member
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'sss_groupdel group1009'
:: [   PASS   ] :: LOCAL domain group1009 deleted successfully.
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/sssd.ldb -b "name=user1009,cn=users,cn=LOCAL,cn=sysdb" | tee /tmp/output'
:: [   PASS   ] :: File '/tmp/output' should not contain 'memberof: name=group1009,cn=groups,cn=LOCAL,cn=sysdb'
:: [   PASS   ] :: Running 'sss_userdel user1009'
:: [   PASS   ] :: Running 'getent -s sss passwd user1009'
:: [   LOG    ] :: Duration: 1s
:: [   LOG    ] :: Assertions: 6 good, 0 bad
:: [   PASS   ] :: RESULT: SSSD local-local test 026 >>> Delete LOCAL Group That Has User Member

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: SSSD local-local test 034 >>> Delete LOCAL User - Specify Fully Qualified Name
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'sss_userdel user1000@LOCAL'
:: [   PASS   ] :: User deletion using fully qualified name was successful.
:: [   LOG    ] :: Duration: 0s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: SSSD local-local test 034 >>> Delete LOCAL User - Specify Fully Qualified Name

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: SSSD local-local test 035 >>> Delete LOCAL Group - Specify Fully Qualified Name
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'sss_groupdel group1000@LOCAL'
:: [   PASS   ] :: Group deletion using fully qualified name was successful.
:: [   LOG    ] :: Duration: 0s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: SSSD local-local test 035 >>> Delete LOCAL Group - Specify Fully Qualified Name

Comment 7 errata-xmlrpc 2013-02-21 09:40:49 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html