Bug 1127278 - Auth fails when space in username is replaced with character set by override_default_whitespace
Summary: Auth fails when space in username is replaced with character set by override_...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.6
Hardware: All
OS: All
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-08-06 14:09 UTC by Amith
Modified: 2014-10-14 04:49 UTC (History)
8 users (show)

Fixed In Version: sssd-1.11.6-20.el6
Doc Type: Enhancement
Doc Text:
The "override_space" option has been introduced to SSSD, which allows users to replace spaces in user names and group names with a specified character string. This makes it easier to use certain shell scripts or other applications that cannot properly handle user names and group names containing spaces. For further information on "override_space", refer to the sssd.conf(5) man page.
Clone Of:
Environment:
Last Closed: 2014-10-14 04:49:24 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2014:1375 normal SHIPPED_LIVE sssd bug fix and enhancement update 2014-10-14 01:06:25 UTC

Description Amith 2014-08-06 14:09:22 UTC
Description of problem:

When SSSD new feature "override_default_whitespace" is set, it replaces white space from usernames/groupnames with the configured character, lets say _(underscore). So upon lookup user "Harry Potter" becomes "Harry_Potter". In this case, user login fails when auth is conducted without spaces, ie username is "Harry_Potter, however auth works fine with space, ie when username is "Harry Potter". 

Version-Release number of selected component (if applicable):
sssd-1.11.6-12.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Create an ldap user name with space, say "Harry Potter". 
2. Set override_default_whitespace = _ in sssd.conf
3. Login with and without space in user name, you will see that auth fails when username is "Harry_Potter".


Actual results:
Auth fails.

Expected results:
Auth should succeed.

Additional info:

Comment 2 Jakub Hrozek 2014-08-06 19:07:07 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/2397

Comment 3 Jakub Hrozek 2014-08-13 13:54:51 UTC
Fixed upstream:
    master:
        ef49e1d709c3cbb3eccbc22710964e1ffe2612c9
        3b96d478851fbbe391ab30e3d6a0afdb9ecdd4a0
        fcfd1cb69762c49ba56326dfc85008c1d83333b2
        0fcc9ed1c66bed7ef3a0bcd6c517280a82391d2b
        f3a5ac1a50c1fccd0801023658e42d2093e1a33a
        1f3127e88a87953f059c9a70d3582ae1719594b1 
    sssd-1-11:
        3fa31631d74d09ce6b52b6b8cd3c994c9f2a2db4
        6bbb1da6dd9365592b4be309cf3bd7f245d844a8
        f9cab654c8217a4f1b983bcf92dc36acffffe58f
        61cba55a3e44a937703a690254ccb3e0dd65dbb6
        5b4c81cab999c1f5a385754badd9e88600cbf3fa

Comment 5 Amith 2014-08-25 10:43:46 UTC
With SSSD Version sssd-1.11.6-24.el6.x86_64, the automation runs FAIL for override_default_whitespace test suite. See the beaker output below:-

:: [   LOG    ] :: override_default_whitespace_2: Set override_default_whitespace = _ in nss section and run user lookup
:: [  BEGIN   ] :: Lookup should return name without space. :: actually running 'getent passwd -s sss "Test User"'
Test User:*:10011:10011:Example TestUser:/home/Testuser:/bin/bash
:: [   PASS   ] :: Lookup should return name without space. (Expected 0, got 0)
:: [  BEGIN   ] :: Lookup should return name without space. :: actually running 'getent passwd -s sss Test_User'
:: [   FAIL   ] :: Lookup should return name without space. (Expected 0, got 2)

Comment 6 Lukas Slebodnik 2014-08-25 12:13:03 UTC
As a result of this ticket, we had a discussion in upstream and we decidet to change name of this option.

Currently, you should use option override_space.
man sssd.conf
  -> SPECIAL SECTIONS
     -> The [sssd] section
        -> override_space (string)

Sorry for troubles. We should have mentioned it in this BZ earlier.

Comment 7 Amith 2014-08-26 06:39:04 UTC
Verified the bug on SSSD Version ; sssd-1.11.6-24.el6.x86_64

I made changes to automation code as per Comment #6 and the beaker run looks great now. See the output below:

================ final pass/fail report =================
   Test Date: Mon Aug 25 13:34:09 EDT 2014 
   Total : [8] 
   Passed: [8] 
   Failed: [0] 
   Abort : [0]
---------------------------------------------------------
   [   PASS   ]      Setup
   [   PASS   ]      override_space_1  Default behaviour when override_space is not set in sssd.conf
   [   PASS   ]      override_space_2  Set override_space = _ in sssd section and run user lookup
   [   PASS   ]      override_space_3  Set override_space = _ and run user auth
   [   PASS   ]      override_space_4  Set override_space = _ and run user id and groups
   [   PASS   ]      override_space_5  Behaviour while running chown and chgrp commands
   [   PASS   ]      Cleanup
   [   PASS   ]      unknown


=========================================================

Comment 8 errata-xmlrpc 2014-10-14 04:49:24 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1375.html


Note You need to log in before you can comment on or make changes to this bug.