Bug 1165794 - sssd does not work with custom value of option re_expression
Summary: sssd does not work with custom value of option re_expression
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd
Version: 7.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Michal Zidek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-11-19 17:48 UTC by Jakub Hrozek
Modified: 2020-05-02 17:51 UTC (History)
9 users (show)

Fixed In Version: sssd-1.12.2-24.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-03-05 10:34:21 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github SSSD sssd issues 3529 0 None None None 2020-05-02 17:51:23 UTC
Red Hat Product Errata RHBA-2015:0441 0 normal SHIPPED_LIVE sssd bug fix and enhancement update 2015-03-05 15:05:27 UTC

Description Jakub Hrozek 2014-11-19 17:48:08 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/sssd/ticket/2487

How to reproduce:
 * configure sssd with ipa (ipa-client-install)
 * amend sssd configuration with following snippet
{{{
re_expression = (?P<name>[^@]+)@(?P<domain>[^@]+)
full_name_format = %1$s@%2$s
use_fully_qualified_names = True
}}}
 * try to obtain info about user
{{{
   getent passwd admin@ipa.domain
}}}

The change can be related to views because there is a failure in sssd_nss.log
(the request was not populated to backend due to this failure)

{{{
[nss_cmd_getbynam] (0x0400): Running command [17] with input [admin@ipa.domain].
[sss_parse_name_for_domains] (0x0200): name 'admin@ipa.domain' matched expression for domain 'ipa.domain', user is admin
[nss_cmd_getbynam] (0x0100): Requesting info for [admin] from [ipa.domain]
[sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/ipa.domain/admin]
[nss_cmd_getpwnam_search] (0x0100): Requesting info for [admin@ipa.domain]
[sysdb_getpwnam_with_views] (0x0040): sysdb_getpwnam failed.
[nss_cmd_getpwnam_search] (0x0020): Failed to make request to our cache!
[reset_idle_timer] (0x4000): Idle timer re-set for client [0x7f582f90fbb0][20] 
[reset_idle_timer] (0x4000): Idle timer re-set for client [0x7f582f90fbb0][20] 
[client_recv] (0x0200): Client disconnected!
[client_destructor] (0x2000): Terminated client [0x7f582f90fbb0][20]
}}}

It is not visible in sssd_nss log file, but function ''sysdb_getpwnam'' failed because it called function ''sss_get_domain_name'' which returned ''NULL''.

Comment 1 Jakub Hrozek 2014-11-25 13:04:20 UTC
* e894a127a9979dea667408b0cced59fedc3bcd0a
* 8394eddba54b5d3e3fda868145e3751247bdbdb2
* 5777a98940bd742d213fba8ff55c070c5a058fc6

Comment 3 Kaushik Banerjee 2014-12-29 11:41:31 UTC
Verified with sssd-1.12.2-39.el7


Output from beaker automation run:

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bug_automation_008: BZ1165794 sssd does not work with custom value of option re_expression
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [  BEGIN   ] :: Running 'getent passwd $AD_SERVER1_SHORT_REALM\testuser01-${JOBID}'
sssdad2012.com\testuser01-836841:*:1663207504:1663200513:testuser01-836841:/:
:: [   PASS   ] :: Command 'getent passwd $AD_SERVER1_SHORT_REALM\\testuser01-${JOBID}' (Expected 0, got 0)
:: [  BEGIN   ] :: Running 'getent group $AD_SERVER1_SHORT_REALM\testgroup01-${JOBID}'
sssdad2012.com\testgroup01-836841:*:1663207505:sssdad2012.com\testuser01-836841
:: [   PASS   ] :: Command 'getent group $AD_SERVER1_SHORT_REALM\\testgroup01-${JOBID}' (Expected 0, got 0)
bug-automation-008-BZ1165794-sssd-does-not-work-with-custom-value-of-option-re-expression result: PASS

Comment 5 errata-xmlrpc 2015-03-05 10:34:21 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0441.html


Note You need to log in before you can comment on or make changes to this bug.