677768 – name service caches names, so id command shows recently deleted users

Bug 677768 - name service caches names, so id command shows recently deleted users

Summary: name service caches names, so id command shows recently deleted users

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	sssd
Sub Component:
Version:	15
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Stephen Gallagher
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	678410 678412
TreeView+	depends on / blocked

Reported:	2011-02-15 19:20 UTC by Dmitry Guryanov
Modified:	2011-03-08 02:23 UTC (History)
CC List:	6 users (show)
Fixed In Version:	libldb-1.0.0-2.fc15
Clone Of:
Clones:	678410 678412 (view as bug list)
Environment:
Last Closed:	2011-03-08 02:23:46 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Dmitry Guryanov 2011-02-15 19:20:42 UTC

Description of problem:
If you looked up some info using unix commands, like id or groups and then changed it using freeipa command - later calls to id will show outdated information:

[root@ipaserver ~]# ipa user-add --first=x --last=y myuser5
--------------------
Added user "myuser5"
--------------------
  User login: myuser5
  First name: x
  Last name: y
  Full name: x y
  Display name: x y
  Initials: xy
  Home directory: /home/myuser5
  GECOS field: myuser5
  Login shell: /bin/sh
  Kerberos principal: myuser5
  UID: 334400018
[root@ipaserver ~]# id myuser5
uid=334400018(myuser5) gid=334400018(myuser5) группы=334400018(myuser5),334400001(ipausers)
[root@ipaserver ~]# ipa user-del myuser5
----------------------
Deleted user "myuser5"
----------------------
[root@ipaserver ~]# id myuser5
uid=334400018(myuser5) gid=334400018(myuser5) группы=334400018(myuser5),334400001(ipausers)





Version-Release number of selected component (if applicable):
389-ds-base-1.2.8-0.2.a2.fc15.1.x86_64
freeipa-admintools-2.0.0.rc1-0.fc15.x86_64
sssd-tools-1.5.1-7.fc15.x86_64
freeipa-client-2.0.0.rc1-0.fc15.x86_64
freeipa-server-2.0.0.rc1-0.fc15.x86_64
sssd-1.5.1-7.fc15.x86_64
sssd-debuginfo-1.5.1-7.fc15.x86_64
freeipa-python-2.0.0.rc1-0.fc15.x86_64
freeipa-server-selinux-2.0.0.rc1-0.fc15.x86_64
sssd-client-1.5.1-7.fc15.x86_64


How reproducible:
always

Steps to Reproduce:
1. create user using ipa user-add command, myuser for example
2. type 'id myuser'
3. type ipa user-del 'myuser'
4. type 'id myuser' again - it will show deleted user
  
Actual results:
unix command show some cached info

Expected results:
unix commands always shows up-to-date information about users and groups

Comment 1 Simo Sorce 2011-02-16 13:34:59 UTC

I was going to reply that as soon as the deleted user attempts to login, it will be refreshed from ldap, found to be deleted and not reported any more.
Except I have just tested this and it doesn't work.

Reassigning to sssd.

Comment 2 Fedora Update System 2011-02-22 12:22:37 UTC

sssd-1.5.1-7.fc15,libldb-1.0.0-2.fc15 has been submitted as an update for Fedora 15.
https://admin.fedoraproject.org/updates/sssd-1.5.1-7.fc15,libldb-1.0.0-2.fc15

Comment 3 Fedora Update System 2011-02-22 21:49:02 UTC

libldb-1.0.0-2.fc15, sssd-1.5.1-8.fc15 has been pushed to the Fedora 15 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update libldb sssd'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/sssd-1.5.1-8.fc15,libldb-1.0.0-2.fc15

Comment 4 Fedora Update System 2011-03-08 02:23:32 UTC

libldb-1.0.0-2.fc15, sssd-1.5.1-8.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.