Red Hat Bugzilla – Bug 874616
Silence the DEBUG messages when ID mapping code skips a built-in group
Last modified: 2013-06-06 14:35:27 EDT
This bug is created as a clone of upstream ticket: https://fedorahosted.org/sssd/ticket/1593 When a SID that cannot be converted is being processed by the SSSD, the SSSD emits a loud DEBUG mesage. But that's quite confusing when the SID being skipped is a builtin one, i.e Domain Users or Administrators. We should special-case and silence errors when converting these SIDs.
Verified in version 1.9.2-59 Output of beaker automation run: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: idmap_014 bz874616 Silence DEBUG messages when dealing with built-in SIDs :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Stopping sssd: [ OK ] Starting sssd: [ OK ] [ OK ] :: [12:49:24] :: Sleeping for 5 seconds uid=770800500(administrator) gid=770800513(domain users) groups=770800513(domain users),770800519(enterprise admins),770800572(denied rodc password replication group),770800518(schema admins),770800520(group policy creator owners),770800512(domain admins) :: [ PASS ] :: Running 'id Administrator' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-545\] is a built-in one' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-544\] is a built-in one' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Skipping built-in object' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not parse domain SID' :: [ PASS ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not convert SID to GID' '7bc5f7cd-3605-4569-bcce-b81b36be2ebe' idmap-014-bz874616-Silence-DEBUG-messages-when-dealing-with-built-in-SIDs result: PASS
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0508.html