Hide Forgot
Description of problem: sss_override has an extra argument that is not listed in the documentation or the command arguments. Version-Release number of selected component (if applicable): sssd-tools-1.13.0-11.el7.x86_64 How reproducible: Always Steps to Reproduce: man sss_override sss_override Actual results: ######################################################################### SSS_OVERRIDE(8) SSSD Manual pages SSS_OVERRIDE(8) NAME sss_override - create local overrides of user and group attributes SYNOPSIS sss_override COMMAND [options] DESCRIPTION sss_override enables to create a client-side view and allows to change selected values of specific user and groups. This change takes effect only on local machine. Overrides data are stored in SSSD cache. If the cache is deleted all local overrides are lost. AVAILABLE COMMANDS Argument NAME is the name of original object in all commands. It is not possible to override uid or gid to 0. user-add NAME [-n,--name NAME] [-u,--uid UID] [-g,--gid GID] [-h,--home HOME] [-s,--shell SHELL] [-c,--gecos GECOS] Override attributes of an user. user-del NAME Remove user overrides. group-add NAME [-n,--name NAME] [-g,--gid GID] Override attributes of a group. group-del NAME Remove group overrides. SEE ALSO sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8), sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),sssd-ifp(5),pam_sss(8). sss_rpcidmapd(5) AUTHORS The SSSD upstream - http://fedorahosted.org/sssd SSSD ######################################################################### [root@rhel72beta db]# sss_override Usage: sss_override COMMAND COMMAND-ARGS Available commands: * user-add * user-del * group-add * group-del [root@rhel72beta db]# sss_override user-add Missing option: Specify name of modified object. Usage: sss_override user-add NAME [OPTIONS...] -n, --name=STRING Override name -u, --uid=INT Override uid (non-zero value) -g, --gid=INT Override gid (non-zero value) -h, --home=STRING Override home directory -s, --shell=STRING Override shell -c, --gecos=STRING Override gecos Help options: -?, --help Show this help message --usage Display brief usage message [root@rhel72beta db]# sss_override user-add --debug 0x3ff0 (Mon Aug 17 12:48:28:006282 2015) [sssd] [ldb] (0x0400): server_sort:Unable to register control with rootdse! (Mon Aug 17 12:48:28:006374 2015) [sssd] [confdb_get_domain_internal] (0x0400): No enumeration for [sssd2012.com]! (Mon Aug 17 12:48:28:006400 2015) [sssd] [confdb_get_domain_internal] (0x1000): pwd_expiration_warning is -1 (Mon Aug 17 12:48:28:006420 2015) [sssd] [sysdb_domain_init_internal] (0x0200): DB File for sssd2012.com: /var/lib/sss/db/cache_sssd2012.com.ldb (Mon Aug 17 12:48:28:006469 2015) [sssd] [ldb] (0x0400): asq: Unable to register control with rootdse! (Mon Aug 17 12:48:28:006564 2015) [sssd] [sss_names_init_from_args] (0x0100): Using re [(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))]. (Mon Aug 17 12:48:28:006570 2015) [sssd] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s]. Missing option: Specify name of modified object. Usage: sss_override user-add NAME [OPTIONS...] -n, --name=STRING Override name -u, --uid=INT Override uid (non-zero value) -g, --gid=INT Override gid (non-zero value) -h, --home=STRING Override home directory -s, --shell=STRING Override shell -c, --gecos=STRING Override gecos Help options: -?, --help Show this help message --usage Display brief usage message (Mon Aug 17 12:48:28:006637 2015) [sssd] [parse_cmdline] (0x0020): Unable to parse command arguments (Mon Aug 17 12:48:28:006642 2015) [sssd] [override_user_add] (0x0020): Unable to parse command line. Expected results: [root@rhel72beta db]# sss_override user-add Missing option: Specify name of modified object. Usage: sss_override user-add NAME [OPTIONS...] -n, --name=STRING Override name -u, --uid=INT Override uid (non-zero value) -g, --gid=INT Override gid (non-zero value) -h, --home=STRING Override home directory -s, --shell=STRING Override shell -c, --gecos=STRING Override gecos -d, --debug=STRING Enable debug at level Help options: -?, --help Show this help message --usage Display brief usage message Additional info:
Upstream ticket: https://fedorahosted.org/sssd/ticket/2758
Easyfix, acking for RHEL
Verified, testing against sssd-1.13.0-26.el7.x86_64. #################################### [root@test ~]# sss_override Usage: sss_override COMMAND COMMAND-ARGS Available commands: * user-add * user-del * user-import * user-export * group-add * group-del * group-import * group-export Common options: --debug=INT Enable debug at level #################################### Snipped from the MAN page -d,--debug LEVEL SSSD supports two representations for specifying the debug level. The simplest is to specify a decimal value from 0-9, which represents enabling that level and all lower-level debug messages. The more comprehensive option is to specify a hexadecimal bitmask to enable or disable specific levels (such as if you wish to suppress a level). Please note that each SSSD service logs into its own log file. Also please note that enabling “debug_level” in the “[sssd]” section only enables debugging just for the sssd process itself, not for the responder or provider processes. The “debug_level” parameter should be added to all sections that you wish to produce debug logs from. In addition to changing the log level in the config file using the “debug_level” parameter, which is persistent, but requires SSSD restart, it is also possible to change the debug level on the fly using the sss_debuglevel(8) tool. ####################################
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-2355.html