Bug 454160 - getent group doesn't favor default domain
getent group doesn't favor default domain
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: samba (Show other bugs)
9
All Linux
low Severity high
: ---
: ---
Assigned To: Simo Sorce
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-07-05 13:15 EDT by Vadym Chepkov
Modified: 2008-11-14 09:40 EST (History)
1 user (show)

See Also:
Fixed In Version: 3.2.4-0.21.fc9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-11-14 09:40:07 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch proposed upstream, still pending verification (1.57 KB, patch)
2008-07-07 13:36 EDT, Simo Sorce
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Samba Project 5571 None None None Never

  None (edit)
Description Vadym Chepkov 2008-07-05 13:15:53 EDT
Description of problem:

getent group doesn't obey  'winbind use default domain' setting.


Version-Release number of selected component (if applicable):

Fedora release 9 (Sulphur)
glibc-2.8-3.i686
glibc-common-2.8-3.i386
samba-client-3.2.0-2.17.fc9.i386
samba-winbind-3.2.0-2.17.fc9.i386
samba-common-3.2.0-2.17.fc9.i386


My settings:
# /etc/nsswitch.conf
passwd:     files winbind
group:      files winbind

# /etc/samba/smb.conf
        workgroup = VN
        winbind separator = /
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes

  
Actual results:
# getent passwd|grep vchepkov
vchepkov:*:10022:10000:Vadym Chepkov:/home/vchepkov:/usr/local/bin/winbind.sh

this works as expected
# getent group|grep vchepkov
domain admins:*:10014:VN/Administrator,VN/vchepkov
vpn admins:*:10045:VN/vchepkov

Expected results:
It should not return VN/ prefix
Comment 1 Vadym Chepkov 2008-07-05 22:01:34 EDT
Forgot to mention, this started to happen after upgrade to Fedora 9, prior the 
upgrade it worked as expected. The bug brakes all ADS group memberships check

This version worked fine
[2008/07/05 04:16:27, 1] nsswitch/winbindd.c:main(990)
  winbindd version 3.0.28a-1.fc7 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008

This doesn't

[2008/07/05 10:00:23,  0] winbindd/winbindd.c:main(1120)
  winbindd version 3.2.0-17.fc9 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2008
Comment 2 Simo Sorce 2008-07-06 11:45:10 EDT
It seem it has been reported upstream too:
https://bugzilla.samba.org/show_bug.cgi?id=5571

Will followup when upstream fixes it.
Comment 3 Vadym Chepkov 2008-07-07 13:15:40 EDT
Access Denied
You are not authorized to access bug #5571. 
:(
Comment 4 Simo Sorce 2008-07-07 13:35:22 EDT
Sorry it has been restricted because the original poster accidentally added a
comment with private information and he asked to block that info from public view.
I will post the patch here too.
Comment 5 Simo Sorce 2008-07-07 13:36:16 EDT
Created attachment 311196 [details]
Patch proposed upstream, still pending verification
Comment 6 Vadym Chepkov 2008-09-10 16:09:55 EDT
Still an issue:

samba-common-3.2.3-0.20.fc9.i386
samba-client-3.2.3-0.20.fc9.i386
samba-winbind-3.2.3-0.20.fc9.i386
Comment 7 Simo Sorce 2008-09-11 09:05:47 EDT
This patch was not included in 3.2.3, I am working to push it now.
Comment 8 Vadym Chepkov 2008-11-06 15:58:07 EST
Fixed in

samba-common-3.2.4-0.21.fc9.i386
samba-client-3.2.4-0.21.fc9.i386
samba-winbind-3.2.4-0.21.fc9.i386

Note You need to log in before you can comment on or make changes to this bug.