Bug 874673 - user id lookup fails using proxy provider
Summary: user id lookup fails using proxy provider
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks: 881827
TreeView+ depends on / blocked
 
Reported: 2012-11-08 15:57 UTC by Kaushik Banerjee
Modified: 2020-05-02 17:05 UTC (History)
3 users (show)

Fixed In Version: sssd-1.9.2-27.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Clone Of:
Environment:
Last Closed: 2013-02-21 09:39:59 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github SSSD sssd issues 2670 None None None 2020-05-02 17:05:02 UTC
Red Hat Product Errata RHSA-2013:0508 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Kaushik Banerjee 2012-11-08 15:57:03 UTC
Description of problem:
user id lookup fails with proxy provider

Version-Release number of selected component (if applicable):
1.9.2-7

How reproducible:
Always

Steps to Reproduce:
1. Add a user and group in ldap as:
Group1 --> puser1

2. Setup sssd.conf for proxy provider as:
[domain/PROXY]
id_provider = proxy
debug_level = 0xFFF0
proxy_lib_name = ldap
proxy_pam_target = sssdproxyldap

3. # getent group Group1
Group1:*:2001:puser1

# id puser1
id: puser1: No such user

Note: You need to run it in correct order as:
# getent group Group1;id puser1
  
Actual results:
"id puser1" fails.

Expected results:
"id puser1" should work.

Additional info:
/var/log/sssd/sssd_PROXY.log shows:
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 2)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_error_to_errno] (0x0020): LDB returned unexpected error: [No such attribute]
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_add_user] (0x0400): Error: 14 (Bad address)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 1)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0040): Could not add user
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [ldb] (0x4000): cancel ldb transaction (nesting: 0)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [sysdb_store_user] (0x0400): Error: 14 (Bad address)
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [save_user] (0x0040): Could not add user to cache
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [get_pw_name] (0x0040): proxy -> getpwnam_r failed for 'puser1' <14>: Bad address
(Thu Nov  8 18:33:57 2012) [sssd[be[PROXY]]] [acctinfo_callback] (0x0100): Request processed. Returned 3,14,Internal Error (Cannot make/remove an entry for the specified session)

Comment 2 Jakub Hrozek 2012-11-08 17:30:06 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1628

Comment 4 Kaushik Banerjee 2012-12-28 12:51:21 UTC
Verified in version 1.9.2-59

Output of beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: proxy-ldap_024 Looking up aliases bz874673
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

adding new entry "uid=testuser1,ou=People,dc=example,dc=com"

adding new entry "cn=testgroup1,ou=Groups,dc=example,dc=com"

Stopping sssd: [  OK  ]
Starting sssd: [  OK  ]
[  OK  ]
:: [05:47:31] ::  Sleeping for 5 seconds
testgroup1:*:32300:testuser1
:: [   PASS   ] :: Running 'getent group testgroup1'
uid=32300(testuser1) gid=32300(testgroup1) groups=32300(testgroup1)
:: [   PASS   ] :: Running 'id testuser1'
testuser1:*:32300:32300:TestUser1:/export/testuser1:
:: [   PASS   ] :: Running 'getent passwd testuser1'
testgroup1:*:32300:testuser1
:: [   PASS   ] :: Running 'getent group testgroup1_alias'
testuser1:*:32300:32300:TestUser1:/export/testuser1:
:: [   PASS   ] :: Running 'getent passwd testuser1_alias'
'd4d69618-4d5d-4e9d-b2e6-a32c1d58d960'
proxy-ldap-024-Looking-up-aliases-bz874673 result: PASS

Comment 5 errata-xmlrpc 2013-02-21 09:39:59 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html


Note You need to log in before you can comment on or make changes to this bug.