First Last Prev Next    This bug is not in your last search results.
Bug 1267837 - sssd_be crashed in ipa_srv_ad_acct_lookup_step
sssd_be crashed in ipa_srv_ad_acct_lookup_step
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd (Show other bugs)
7.2
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: SSSD Maintainers
Kaushik Banerjee
: Regression
: 1269058 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-10-01 04:01 EDT by Lukas Slebodnik
Modified: 2015-11-19 06:40 EST (History)
12 users (show)

See Also:
Fixed In Version: sssd-1.13.0-39.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-11-19 06:40:59 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Lukas Slebodnik 2015-10-01 04:01:08 EDT 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/sssd/ticket/2810

{{{
crash_function: ipa_srv_ad_acct_lookup_step                                                     executable:     /usr/libexec/sssd/sssd_be                                                                 
pkg_name:       sssd-common                                                                               
pkg_release:    0.20150930.1317.git6491a24.master.el7.centos
}}}
Comment 1 Jakub Hrozek 2015-10-02 02:58:34 EDT 
To reproduce:
Establish IPA-AD trusts with POSIX attributes but do not replicate the POSIX attributes to Global Catalog. Run "getent group $adgroup".

btw Sudhir was able to reproduce the crash and our fix helped him fix it.
Comment 3 Jakub Hrozek 2015-10-07 06:58:38 EDT 
    master:
        309aa83d16b5919f727af04850bcd0799ba0962f
        afb21fd06690a0bec288a7970abf74ed2ea7dfdc 
    sssd-1-13:
        15a4b34ccfcfbcec2c9ba529d0113adf251abc16
        f1742784d9b1cffd74f67beeb26375124183428a
Comment 4 Jakub Hrozek 2015-10-07 06:58:57 EDT 
*** Bug 1269058 has been marked as a duplicate of this bug. ***
Comment 6 Sudhir Menon 2015-10-14 07:36:11 EDT 
Verified using RHEL 7.2 and Windows 2012 R2

sssd-1.13.0-39.el7.x86_64
ipa-server-trust-ad-4.2.0-13.el7.x86_64
ipa-server-dns-4.2.0-13.el7.x86_64
ipa-server-4.2.0-13.el7.x86_64

[root@ipa02 ~]# ipa trust-add --range-type=ipa-ad-trust-posix
Realm name: SLABS.QE
Active Directory domain administrator: administrator
Active Directory domain administrator's password: 
-------------------------------------------------
Added Active Directory trust for realm "slabs.qe"
-------------------------------------------------
  Realm name: slabs.qe
  Domain NetBIOS name: SLABS
  Domain Security Identifier: S-1-5-21-1198230686-218755016-3050646183
  SID blacklist incoming: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17,
                          S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19,
                          S-1-5-18
  SID blacklist outgoing: S-1-5-20, S-1-5-3, S-1-5-2, S-1-5-1, S-1-5-7, S-1-5-6, S-1-5-5, S-1-5-4, S-1-5-9, S-1-5-8, S-1-5-17,
                          S-1-5-16, S-1-5-15, S-1-5-14, S-1-5-13, S-1-5-12, S-1-5-11, S-1-5-10, S-1-3, S-1-2, S-1-1, S-1-0, S-1-5-19,
                          S-1-5-18
  Trust direction: Trusting forest
  Trust type: Active Directory domain
  Trust status: Established and verified

[root@ipaclient02 ~]# getent group agroup1@slabs.qe
agroup1@slabs.qe:*:10000:
Comment 7 errata-xmlrpc 2015-11-19 06:40:59 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-2355.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.