Bug 1259512 - sss_override : The local override user is not found
Summary: sss_override : The local override user is not found
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd
Version: 7.2
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Pavel Březina
QA Contact: Dan Lavu
Depends On:
TreeView+ depends on / blocked
Reported: 2015-09-02 20:32 UTC by Dan Lavu
Modified: 2020-05-02 18:09 UTC (History)
10 users (show)

Fixed In Version: sssd-1.13.0-29.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2015-11-19 11:40:16 UTC
Target Upstream Version:

Attachments (Terms of Use)
sssd_logs (125.57 KB, text/plain)
2015-09-02 20:37 UTC, Dan Lavu
no flags Details

System ID Priority Status Summary Last Updated
Github SSSD sssd issues 3823 None None None 2020-05-02 18:09:50 UTC
Red Hat Product Errata RHSA-2015:2355 normal SHIPPED_LIVE Low: sssd security, bug fix, and enhancement update 2015-11-19 10:27:42 UTC

Description Dan Lavu 2015-09-02 20:32:49 UTC
Description of problem:

When using sss_override the local override user is not found

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Add AD user to override 

[root@rhel72 ~]#  sss_override user-add dlavu@sssd2012.com  -n dlavu1@sssd2012.com 
SSSD needs to be restarted for the changes to take effect.

2. restart sssd
3. get entry on user

Actual results:
root@rhel72 ~]# getent passwd dlavu1@sssd2012.com
no results

Expected results:
User is found 

*NOTE* Searching by the original name, the user is found and the override is viewed correctly

[root@rhel72 ~]# getent passwd dlavu@sssd2012.com
dlavu1@sssd2012.com@sssd2012.com:*:349001105:349000513:Dan Lavu:/home/dlavu1@sssd2012.com:/bin/bash

Additional info:

Logs are attached.

Comment 2 Dan Lavu 2015-09-02 20:37:39 UTC
Created attachment 1069589 [details]

Comment 3 Pavel Březina 2015-09-03 10:40:32 UTC
You should not use fqn in --name. The correct command is:

sss_override user-add dlavu@sssd2012.com  -n dlavu1

The question is, is it something we want to change?

Comment 4 Dan Lavu 2015-09-03 10:58:09 UTC
Okay, that does work but it is confusing. Either we document it better or we change it to accept the same format.

Comment 5 Jakub Hrozek 2015-09-05 15:28:55 UTC
Upstream ticket:

Comment 6 Jakub Hrozek 2015-09-05 20:36:58 UTC
Marking as exception? 

Rationale - the fix for this issue would be easy and low-risk. At the same time, this bug deviates sssd's behaviour from the proprietary tool we'd like to displace.

Please ack for 7.2 exception. Thank you!

Comment 7 Pavel Březina 2015-09-15 10:52:09 UTC
Patch is awaiting review.

Comment 8 Jakub Hrozek 2015-09-16 14:54:28 UTC
* master: 4649f19ea4b11c428ca75803beda8d495a0c9335

Comment 11 Dan Lavu 2015-09-22 16:44:11 UTC
Verified against sssd-ad-1.13.0-33.el7.x86_64. 

[root@sssd1-13-0-29 ~]# sss_override user-add -n dlavu123@sssdad2012r2.com dlavu@sssdad2012r2.com
SSSD needs to be restarted for the changes to take effect.

[root@sssd1-13-0-29 ~]# service sssd restart
Redirecting to /bin/systemctl restart  sssd.service

[root@sssd1-13-0-29 ~]# getent passwd dlavu123@sssdad2012r2.com
dlavu123@sssdad2012r2.com:*:768001104:768000513:Dan Lavu:/home/dlavu123@sssdad2012r2.com:/bin/bash

Comment 12 errata-xmlrpc 2015-11-19 11:40:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.