Bug 874616 - Silence the DEBUG messages when ID mapping code skips a built-in group
Summary: Silence the DEBUG messages when ID mapping code skips a built-in group
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks: 881827
TreeView+ depends on / blocked
 
Reported: 2012-11-08 14:29 UTC by Dmitri Pal
Modified: 2020-05-02 17:02 UTC (History)
3 users (show)

Fixed In Version: sssd-1.9.2-30.el6
Doc Type: Bug Fix
Doc Text:
No Documentation Needed
Clone Of:
Environment:
Last Closed: 2013-02-21 09:39:50 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github SSSD sssd issues 2635 None closed Silence the DEBUG messages when ID mapping code skips a built-in group 2020-07-01 18:25:17 UTC
Red Hat Product Errata RHSA-2013:0508 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Dmitri Pal 2012-11-08 14:29:48 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/sssd/ticket/1593

When a SID that cannot be converted is being processed by the SSSD, the SSSD emits a loud DEBUG mesage. But that's quite confusing when the SID being skipped is a builtin one, i.e Domain Users or Administrators. We should special-case and silence errors when converting these SIDs.

Comment 2 Kaushik Banerjee 2013-01-08 07:07:04 UTC
Verified in version 1.9.2-59

Output of beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: idmap_014 bz874616 Silence DEBUG messages when dealing with built-in SIDs
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[  OK  ]
:: [12:49:24] ::  Sleeping for 5 seconds
uid=770800500(administrator) gid=770800513(domain users) groups=770800513(domain users),770800519(enterprise admins),770800572(denied rodc password replication group),770800518(schema admins),770800520(group policy creator owners),770800512(domain admins)
:: [   PASS   ] :: Running 'id Administrator'
:: [   PASS   ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-545\] is a built-in one'
:: [   PASS   ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Object SID \[S-1-5-32-544\] is a built-in one'
:: [   PASS   ] :: File '/var/log/sssd/sssd_ADTEST.log' should contain 'Skipping built-in object'
:: [   PASS   ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not parse domain SID'
:: [   PASS   ] :: File '/var/log/sssd/sssd_ADTEST.log' should not contain 'Could not convert SID to GID'
'7bc5f7cd-3605-4569-bcce-b81b36be2ebe'
idmap-014-bz874616-Silence-DEBUG-messages-when-dealing-with-built-in-SIDs result: PASS

Comment 3 errata-xmlrpc 2013-02-21 09:39:50 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html


Note You need to log in before you can comment on or make changes to this bug.