Red Hat Bugzilla – Bug 1147663
authconfig crashes if case_sensitive=preserving in sssd.conf
Last modified: 2015-03-05 05:33:51 EST
Description of problem: authconfig crashes if case_sensitive=preserving in sssd.conf Version-Release number of selected component (if applicable): authconfig-6.2.8-8.el7.x86_64 sssd-1.12.1-2.el7.x86_64 How reproducible: Always Steps to Reproduce: 1. Add case_sensitive=preserving in the domain section of sssd.conf # authconfig --enablesssd --enablesssdauth --updateall Traceback (most recent call last): File "/usr/sbin/authconfig", line 1067, in <module> sys.exit(module.run()) File "/usr/sbin/authconfig", line 643, in run self.readAuthInfo() File "/usr/sbin/authconfig", line 414, in readAuthInfo self.info = authinfo.read(self.printError) File "/usr/share/authconfig/authinfo.py", line 985, in read info.read() File "/usr/share/authconfig/authinfo.py", line 2470, in read self.readSSSD(ref) File "/usr/share/authconfig/authinfo.py", line 1853, in readSSSD domain = self.sssdConfig.get_domain(domname) File "/usr/lib/python2.7/site-packages/SSSDConfig/__init__.py", line 1847, in get_domain domain.set_option(opt['name'], opt['value']) File "/usr/lib/python2.7/site-packages/SSSDConfig/__init__.py", line 1149, in set_option (option_schema[0], option, type(value))) TypeError: Expected <type 'bool'> for case_sensitive, received <type 'str'> Actual results: traceback in authconfig Expected results: authconfig should not crash Additional info:
I think SSSDConfig should not propagate this exception in the get_domain method.
We changed the option from bool (true|false) to a tri-state (true|false|preserving) so the internal representation was changed to a string. Michal, can you take a look, please?
This is my mistake. When I changed the option to string I forgot to declare it as such in the sssd.api.conf. Sending patch to the devel-list now.
(In reply to Michal Zidek from comment #4) > This is my mistake. When I changed the option to string I forgot to declare > it as such in the sssd.api.conf. Sending patch to the devel-list now. Thanks, cloning!
Upstream ticket: https://fedorahosted.org/sssd/ticket/2452
Fixed in master: * master: b6e1f016e300fa5bd33bfedc1e57f9f83de19e79
Verified with sssd-1.12.2-28.el7 Domain section has: [domain/LDAP] id_provider = ldap ldap_uri = ldaps://<ldapserver> ldap_tls_cacert = /etc/openldap/certs/cacert.asc ldap_search_base = dc=example,dc=com case_sensitive=preserving # authconfig --enablesssd --enablesssdauth --updateall ; echo $? 0
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0441.html