Created attachment 593181 [details] bt full Description of problem: Version-Release number of selected component (if applicable): sssd-1.8.93-0.20120618T1837Zgitbb79e75.fc17.x86_64 How reproducible: Always Steps to Reproduce: (Not sure if this is related, but the case where crash was detected is) 1. # ipa sudorule-show sudorule1 --all --raw dn: ipauniqueid=8d023938-bac0-11e1-b429-525400951069,cn=sudorules,cn=sudo,dc=testrelm,dc=com cn: sudorule1 ipaenabledflag: TRUE memberhost: cn=hostgrp1,cn=hostgroups,cn=accounts,dc=testrelm,dc=com memberuser: uid=user1,cn=users,cn=accounts,dc=testrelm,dc=com ipauniqueid: 8d023938-bac0-11e1-b429-525400951069 objectclass: ipaassociation objectclass: ipasudorule 2. # ldapsearch -LLL -Y GSSAPI -b ou=SUDOers,dc=testrelm,dc=com SASL/GSSAPI authentication started SASL username: admin SASL SSF: 56 SASL data security layer installed. dn: ou=sudoers,dc=testrelm,dc=com objectClass: extensibleObject ou: sudoers dn: cn=sudorule1,ou=sudoers,dc=testrelm,dc=com objectClass: sudoRole sudoUser: user1 sudoHost: +hostgrp1 cn: sudorule1 3. [root@dhcp201-207 ~]# ssh -o StrictHostKeyChecking=no -l user1 dhcp201-207.testrelm.com user1.com's password: Last login: Wed Jun 20 07:06:09 2012 from dhcp201-207.testrelm.com -sh-4.2$ 4. -sh-4.2$ sudo -l Actual results: /var/log/messages: Jun 20 07:06:17 dhcp201-207 kernel: [1039881.361685] sssd_nss[20374]: segfault at 20 ip 0000003af5e89d8d sp 00007fff523572d8 e rror 4 in libc-2.15.so[3af5e00000+1ac000] Jun 20 07:06:17 dhcp201-207 abrtd: Directory 'ccpp-2012-06-20-07:06:17-20374' creation detected Jun 20 07:06:17 dhcp201-207 abrt[20454]: Saved core dump of pid 20374 (/usr/libexec/sssd/sssd_nss) to /var/spool/abrt/ccpp-201 2-06-20-07:06:17-20374 (1142784 bytes) Jun 20 07:06:17 dhcp201-207 sssd[nss]: Starting up Expected results: No crash detected. Additional info: relevant sssd.conf: --8<-- [domain/testrelm.com] cache_credentials = True krb5_store_password_if_offline = True ipa_domain = testrelm.com id_provider = ipa auth_provider = ipa access_provider = ipa ipa_hostname = dhcp201-207.testrelm.com chpass_provider = ipa ipa_server = dhcp201-207.testrelm.com ldap_tls_cacert = /etc/ipa/ca.crt [sssd] services = nss, pam, ssh config_file_version = 2 domains = testrelm.com -->8-- sudo debug: -sh-4.2$ sudo -l LDAP Config Summary =================== uri ldap://dhcp201-207.testrelm.com ldap_version 3 sudoers_base ou=SUDOers,dc=testrelm,dc=com binddn uid=sudo,cn=sysaccounts,cn=etc,dc=testrelm,dc=com bindpw bind123 bind_timelimit 5 timelimit 15 ssl no tls_checkpeer (yes) tls_cacertfile /etc/ipa/ca.crt tls_cacertdir /etc/ipa =================== sudo: ldap_initialize(ld, ldap://dhcp201-207.testrelm.com) sudo: ldap_set_option: debug -> 0 sudo: ldap_set_option: ldap_version -> 3 sudo: ldap_set_option: tls_checkpeer -> 1 sudo: ldap_set_option: tls_cacertfile -> /etc/ipa/ca.crt sudo: ldap_set_option: tls_cacert -> /etc/ipa/ca.crt sudo: ldap_set_option: tls_cacertdir -> /etc/ipa sudo: ldap_set_option: timelimit -> 15 sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 5) sudo: ldap_sasl_bind_s() ok sudo: Looking for cn=defaults: cn=defaults sudo: no default options found in ou=SUDOers,dc=testrelm,dc=com sudo: ldap search '(|(sudoUser=user1)(sudoUser=%user1)(sudoUser=ALL))' sudo: searching from base 'ou=SUDOers,dc=testrelm,dc=com' sudo: adding search result sudo: ldap sudoHost '+hostgrp1' ... not sudo: result now has 0 entries sudo: ldap search '(sudoUser=+*)' sudo: searching from base 'ou=SUDOers,dc=testrelm,dc=com' sudo: adding search result sudo: result now has 0 entries sudo: sorting remaining 0 entries sudo: perform search for pwflag 52 sudo: done with LDAP searches sudo: user_matches=1 sudo: host_matches=0 sudo: sudo_ldap_lookup(52)=0x42 [sudo] password for user1:
Upstream ticket: https://fedorahosted.org/sssd/ticket/1383
Closing as an UPSTREAM bug. This was reported against an unreleased upstream nightly build. It belongs in the upstream bug tracker, not Fedora.