Bug 1214716 - idoverridegroup for ipa group with --group-name does not work
Summary: idoverridegroup for ipa group with --group-name does not work
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd
Version: 7.1
Hardware: Unspecified
OS: Unspecified
medium
unspecified
Target Milestone: rc
: ---
Assignee: SSSD Maintainers
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On: 1213716
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-04-23 12:43 UTC by Martin Kosek
Modified: 2020-05-02 18:01 UTC (History)
13 users (show)

Fixed In Version: sssd-1.13.0-0.1.alpha.el7
Doc Type: Bug Fix
Doc Text:
Clone Of: 1213716
Environment:
Last Closed: 2015-11-19 11:38:16 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github SSSD sssd issues 3672 None None None 2020-05-02 18:01:48 UTC
Red Hat Product Errata RHSA-2015:2355 normal SHIPPED_LIVE Low: sssd security, bug fix, and enhancement update 2015-11-19 10:27:42 UTC

Comment 1 Jakub Hrozek 2015-04-24 14:23:20 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/2631

Comment 2 Jakub Hrozek 2015-04-27 13:54:15 UTC
Fixed upstream:
    master: 605dc7fcc848dffb7c9d270c864c70e6dff1242e
    sssd-1-12: 1b2119aab14a4ea3ca6de0d29a661b2825bfec8d

Comment 6 Sudhir Menon 2015-09-29 14:02:29 UTC
Added members to the group and they are listed in getent output.

[root@ipa02 sssd]# ipa idview-add
ID View Name: hostview
------------------------
Added ID View "hostview"
------------------------
  ID View Name: hostview
[root@ipa02 sssd]# ipa idoverridegroup-add
ID View Name: hostview
Anchor to override: ipagrp2@test.in
-----------------------------------------
Added Group ID override "ipagrp2@test.in"
-----------------------------------------
  Anchor to override: ipagrp2@test.in
[root@ipa02 sssd]# ipa idview-apply hostview --hosts ipaclient02.labs02.test
--------------------------
Applied ID View "hostview"
--------------------------
  hosts: ipaclient02.labs02.test
---------------------------------------------
Number of hosts the ID View was applied to: 1
---------------------------------------------
[root@ipa02 sssd]# ipa idoverridegroup-add hostview grp2@test.in --group-name ipagrp2
--------------------------------------
Added Group ID override "grp2@test.in"
--------------------------------------
  Anchor to override: grp2@test.in
  Group name: ipagrp2


[root@ipaclient02 ~]# service sssd stop; rm -rf /var/lib/sss/{db,mc}/*; service sssd start
Redirecting to /bin/systemctl stop  sssd.service
Redirecting to /bin/systemctl start  sssd.service

[root@ipaclient02 ~]# getent group ipagrp2@test.in ; echo $?
ipagrp2@test.in:*:30012:test2@test.in,test1@test.in
0

[root@ipaclient02 ~]# getent group ipagrp2@test.in
ipagrp2@test.in:*:30012:test2@test.in,test1@test.in

[root@ipaclient02 ~]# id test1@test.in
uid=10017(test1@test.in) gid=30012(ipagrp2@test.in) groups=30012(ipagrp2@test.in),10010(domain users@test.in)

[root@ipaclient02 ~]# id test2@test.in
uid=10018(test2@test.in) gid=30012(ipagrp2@test.in) groups=30012(ipagrp2@test.in),10010(domain users@test.in)

Comment 7 errata-xmlrpc 2015-11-19 11:38:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-2355.html


Note You need to log in before you can comment on or make changes to this bug.