Red Hat Bugzilla – Bug 1214337
Overrides with --login work in second attempt
Last modified: 2015-11-19 06:38:10 EST
Upstream ticket: https://fedorahosted.org/sssd/ticket/2630
Fixed upstream: master: 2ab9a4538eb2e1a255e645f7efdcfd6bb722d265 sssd-1-12: 3453e4734d2f7738034af61edb7d33c0c7095d8a
A segfault caused by the patch was found. resetting the status to ASSIGNED.
Additional patch landed upstream master: c520f40d1a2d77cf1d413451b5682297733521ed sssd-1-12: e31d5babfd036cf64c9179dc60bbd79f541ef89b
*** Bug 1214717 has been marked as a duplicate of this bug. ***
Verified on RHEL7.2 and Windows 2012 R2. sssd-ldap-1.13.0-35.el7.x86_64 1. After adding the group in AD and setting POSIX attribute GID to the group in AD which matches to the GID in server getent passwd output, the getent passwd $overrideusername gave the output in first attempt. [root@ipa02 ~]# ipa idoverrideuser-add 'default trust view' test100@test.in --login syncuser07 ---------------------------------------- Added User ID override "test100@test.in" ---------------------------------------- Anchor to override: test100@test.in User login: syncuser07 [root@ipaclient02 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start Redirecting to /bin/systemctl stop sssd.service Redirecting to /bin/systemctl start sssd.service [root@ipaclient02 ~]# getent passwd syncuser07@test.in ; echo $? syncuser07@test.in:*:10099:10000:test100:/home/test.in/test100:/bin/sh 0 [root@ipaclient02 ~]# getent passwd syncuser07@test.in ; echo $? syncuser07@test.in:*:10099:10000:test100:/home/test.in/test100:/bin/sh 0 2. When the below steps are performed, the output for getent passwd is displayed for the first time. [root@ipa02 sssd]# ipa idview-show hostview --show-hosts ID View Name: hostview User object overrides: test99@test.in Group object overrides: grp1@test.in Hosts the view applies to: ipaclient02.labs02.test [root@ipaclient02 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start Redirecting to /bin/systemctl stop sssd.service Redirecting to /bin/systemctl start sssd.service [root@ipaclient02 ~]# getent passwd syncuser07@test.in ; echo $? syncuser07@test.in:*:10099:10000:test100:/home/test.in/test100:/bin/sh 0
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-2355.html