874673 – user id lookup fails using proxy provider

Bug 874673 - user id lookup fails using proxy provider

Summary: user id lookup fails using proxy provider

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	sssd
Sub Component:
Version:	6.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Jakub Hrozek
QA Contact:	Kaushik Banerjee
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	881827
TreeView+	depends on / blocked

Reported:	2012-11-08 15:57 UTC by Kaushik Banerjee
Modified:	2020-05-02 17:05 UTC (History)
CC List:	3 users (show)
Fixed In Version:	sssd-1.9.2-27.el6
Doc Type:	Bug Fix
Doc Text:	No documentation needed.
Clone Of:
Environment:
Last Closed:	2013-02-21 09:39:59 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	SSSD sssd issues 2670	None	None	None	2020-05-02 17:05:02 UTC
Red Hat Product Errata	RHSA-2013:0508	normal	SHIPPED_LIVE	Low: sssd security, bug fix and enhancement update	2013-02-20 21:30:10 UTC

Description Kaushik Banerjee 2012-11-08 15:57:03 UTC

Description of problem:
user id lookup fails with proxy provider

Version-Release number of selected component (if applicable):
1.9.2-7

How reproducible:
Always

Steps to Reproduce:
1. Add a user and group in ldap as:
Group1 --> puser1

2. Setup sssd.conf for proxy provider as:
[domain/PROXY]
id_provider = proxy
debug_level = 0xFFF0
proxy_lib_name = ldap
proxy_pam_target = sssdproxyldap

3. # getent group Group1
Group1:*:2001:puser1

# id puser1
id: puser1: No such user

Note: You need to run it in correct order as:
# getent group Group1;id puser1
  
Actual results:
"id puser1" fails.

Expected results:
"id puser1" should work.

Additional info:
/var/log/sssd/sssd_PROXY.log shows:
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 2)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_error_to_errno] (0x0020): LDB returned unexpected error: [No such attribute]
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_add_user] (0x0400): Error: 14 (Bad address)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 1)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0040): Could not add user
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 0)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0400): Error: 14 (Bad address)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [save_user] (0x0040): Could not add user to cache
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [get_pw_name] (0x0040): proxy -> getpwnam_r failed for 'puser1' <14>: Bad address
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,14,Internal Error (Cannot make/remove an entry for the specified session)

Comment 2 Jakub Hrozek 2012-11-08 17:30:06 UTC

Upstream ticket:
https://fedorahosted.org/sssd/ticket/1628

Comment 4 Kaushik Banerjee 2012-12-28 12:51:21 UTC

Verified in version 1.9.2-59

Output of beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: proxy-ldap_024 Looking up aliases bz874673
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

adding new entry "uid=testuser1,ou=People,dc=example,dc=com"

adding new entry "cn=testgroup1,ou=Groups,dc=example,dc=com"

Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[  OK  ]
:: [05:47:31] ::  Sleeping for 5 seconds
testgroup1:*:32300:testuser1
:: [   PASS   ] :: Running 'getent group testgroup1'
uid=32300(testuser1) gid=32300(testgroup1) groups=32300(testgroup1)
:: [   PASS   ] :: Running 'id testuser1'
testuser1:*:32300:32300:TestUser1:/export/testuser1:
:: [   PASS   ] :: Running 'getent passwd testuser1'
testgroup1:*:32300:testuser1
:: [   PASS   ] :: Running 'getent group testgroup1_alias'
testuser1:*:32300:32300:TestUser1:/export/testuser1:
:: [   PASS   ] :: Running 'getent passwd testuser1_alias'
'd4d69618-4d5d-4e9d-b2e6-a32c1d58d960'
proxy-ldap-024-Looking-up-aliases-bz874673 result: PASS

Comment 5 errata-xmlrpc 2013-02-21 09:39:59 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html

Note You need to log in before you can comment on or make changes to this bug.