Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 797571 - squid userid not added to wbpriv group
squid userid not added to wbpriv group
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: squid (Show other bugs)
6.2
All Linux
unspecified Severity low
: rc
: ---
Assigned To: Michal Luscon
Dalibor Pospíšil
: EasyFix, Patch
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-02-26 14:35 EST by Mark Orenstein
Modified: 2013-02-21 03:39 EST (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 584161
Environment:
Last Closed: 2013-02-21 03:39:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:0505 normal SHIPPED_LIVE Moderate: squid security and bug fix update 2013-02-20 16:30:33 EST

  None (edit)
Description Mark Orenstein 2012-02-26 14:35:25 EST 
+++ This bug was initially created as a clone of Bug #584161 +++

If samba-winbind is installed first, then the squid install should add itself to the wbpriv group.  Conversely, if squid is installed first, then the samba-winbind install should add squid to the wbpriv group.  Seems like a regression from Fedora 14

Description of problem: If squid is installed before samba-winbind, then the wbpriv group, when created, does not include squid.  This results in ntlm_auth calls by squid failing. "failed due to [winbind client not authorized to use winbindd_pam_auth_auth_crap. Ensure permissions on /var/lib/samba/winbindd_privileged are set correctly." 

Installing samba-winbind first resolves the problem


Version-Release number of selected component (if applicable): Fedora 12 x86_64 updated 2010/04/20.

How reproducible: Always


Steps to Reproduce:
1.During anaconda install check off squid
2.After Fedora is installed, yum install samba-squid
3.
  
Actual results: In /etc/group with corresponding gshadow
wbpriv:x:88:

Expected results: In /etc/group with corresponding gshadow
wbpriv:x:88:squid


Additional info:

--- Additional comment from sjensen@versanet.de on 2010-09-04 02:52:27 EDT ---

Same here on F13

--- Additional comment from fedora-admin-xmlrpc@redhat.com on 2010-10-08 10:44:07 EDT ---

This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

--- Additional comment from gdeschner@redhat.com on 2010-10-08 10:57:40 EDT ---

Reassigning to squid

--- Additional comment from jskala@redhat.com on 2010-10-14 09:16:31 EDT ---

I've renewed trigger in squid.spec then I've extended it about this lines:

if ! getent group wbpriv >/dev/null 2>&1 ; then
  /usr/sbin/groupadd -g 88 wbpriv >/dev/null 2>&1 || :
fi

It works fine for me.

This trigger is invoked when samba-common (required by samba-winbind) is installed/upgraded.

I've made a build in rawhide and the one should be available to test in rawhide repository in next hours. Please, give me a feedback. I'll backport it into f14 and olders when it works fine.

Guenther, is this extension fine for you? What about the same conditional group 'wbpriv' insertion in samba-common subpackage?

--- Additional comment from ssorce@redhat.com on 2010-10-14 10:32:39 EDT ---

Jiri we discussed exactly this approach a few days ago.
Can you open a samba bug (maybe just clone) so that we can make sure to remember to do the change on our side?

--- Additional comment from updates@fedoraproject.org on 2010-10-18 03:37:40 EDT ---

squid-3.1.8-2.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/squid-3.1.8-2.fc14

--- Additional comment from updates@fedoraproject.org on 2010-10-18 03:37:47 EDT ---

squid-3.1.8-2.fc13 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/squid-3.1.8-2.fc13

--- Additional comment from updates@fedoraproject.org on 2010-10-18 16:54:09 EDT ---

squid-3.1.8-2.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update squid'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/squid-3.1.8-2.fc14

--- Additional comment from updates@fedoraproject.org on 2010-11-01 16:47:29 EDT ---

squid-3.1.8-2.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.

--- Additional comment from updates@fedoraproject.org on 2010-11-01 16:52:06 EDT ---

squid-3.1.8-2.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 1 Jiri Skala 2012-02-27 02:44:05 EST 
As is mentioned above this is adding a trigger to spec file.
Comment 8 errata-xmlrpc 2013-02-21 03:39:38 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0505.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.