Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1148573 - AD Provider crashes when looking up the "Domain Users" group
AD Provider crashes when looking up the "Domain Users" group
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd (Show other bugs)
7.1
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Jakub Hrozek
Kaushik Banerjee
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2014-10-01 14:41 EDT by Jeremy Agee
Modified: 2015-03-29 23:51 EDT (History)
8 users (show)

See Also:
Fixed In Version: sssd-1.12.1-3.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-05 05:33:56 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
FedoraHosted SSSD 2447 None None None Never
Red Hat Product Errata RHBA-2015:0441 normal SHIPPED_LIVE sssd bug fix and enhancement update 2015-03-05 10:05:27 EST

  None (edit)
Description Jeremy Agee 2014-10-01 14:41:44 EDT 
Description of problem:
when two domains both using id_provider = ldap and ldap_schema = ad are configured in sssd.conf. The sssd_be process will segfault and fail to lookup the Domain Users group for the second domain in the config.

Version-Release number of selected component (if applicable):
sssd-1.12.1-2.el7

How reproducible:
everytime

Steps to Reproduce:
[sssd]
domains = sssdad.com, sssdad2012.com

[domain/sssdad.com]
id_provider = ldap
ldap_schema = ad

[domain/sssdad2012.com]
id_provider = ldap
ldap_schema = ad

$ id testuser1@sssdad.com
uid=100003(testuser1@sssdad.com) gid=100000(Domain Users@sssdad.com) groups=100000(Domain Users@sssdad.com)

$ id testuser2@sssdad2012.com
uid=200000(testuser2@sssdad2012.com) gid=200000 groups=200000

/var/log/messages:Oct  1 13:07:22 dhcp129-17 kernel: sssd_be[13498]: segfault at 0 ip 00007f4033a82937 sp 00007fff83f22180 error 4 in libsss_util.so[7f4033a70000+52000]

Actual results:
Group lookups fail for the second domain

Expected results:
Group lookups succeed for the second domain

Additional info:

Reproducer for:
https://fedorahosted.org/sssd/ticket/2447
Comment 1 Jakub Hrozek 2014-10-01 14:47:20 EDT 
Upstream ticket:
https://fedorahosted.org/sssd/ticket/2447
Comment 2 Jakub Hrozek 2014-10-01 14:48:17 EDT 
Fixed by a2147c6c13c36c0ec056581b08a7ed7352ff9861
Comment 9 Jeremy Agee 2015-01-26 15:49:03 EST 
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: multidomain_legacy_01: bz1148573 crash when looking up the Domain Users group on second domain
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Command 'id puser2_dom1-854223@sssdad.com' (Expected 0, got 0)
:: [   PASS   ] :: Command 'id puser2_dom2-854223@sssdad_tree.com' (Expected 0, got 0)
:: [   PASS   ] :: File '/var/log/messages' should not contain 'sssd_be\[[0-9]*\]: segfault' 
:: [   LOG    ] :: Duration: 10s
:: [   LOG    ] :: Assertions: 3 good, 0 bad
:: [   PASS   ] :: RESULT: multidomain_legacy_01: bz1148573 crash when looking up the Domain Users group on second domain
Comment 11 errata-xmlrpc 2015-03-05 05:33:56 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0441.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.