Bug 894997 - sssd_be crashes looking up members with groups outside the nesting limit
sssd_be crashes looking up members with groups outside the nesting limit
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd (Show other bugs)
6.4
Unspecified Unspecified
high Severity unspecified
: rc
: ---
Assigned To: Jakub Hrozek
Kaushik Banerjee
: Regression
Depends On:
Blocks: 902691
  Show dependency treegraph
 
Reported: 2013-01-14 04:27 EST by Kaushik Banerjee
Modified: 2013-05-30 13:59 EDT (History)
6 users (show)

See Also:
Fixed In Version: sssd-1.9.2-72.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 04:43:33 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
LDIF used to upload users and groups to ldap server (1.24 KB, text/plain)
2013-01-14 04:27 EST, Kaushik Banerjee
no flags Details
Backtrace of sssd_be crash (4.31 KB, text/plain)
2013-01-14 04:29 EST, Kaushik Banerjee
no flags Details

  None (edit)
Description Kaushik Banerjee 2013-01-14 04:27:43 EST
Created attachment 678136 [details]
LDIF used to upload users and groups to ldap server

Description of problem:
sssd_be crashes looking up members with groups outside the nesting limit

Version-Release number of selected component (if applicable):
1.9.2-68

How reproducible:
Always

Steps to Reproduce:
1. Use the attached ldif to add users and groups to the ldap server.
The structure is as follows:
Top:    Group1(member:nest_user1)
Mid:    Group2(member:nest_user2)
Lowest: Group3(member:nest_user3)

2. Add ldap_group_nesting_level = 1 in sssd.conf

3. # id nest_user3
uid=10297(nest_user3) gid=10002(Group_3) groups=10002(Group_3)

Actual results:
sssd_be crashes after id lookup is run. See attached backtrace.

Expected results:
sssd_be should not crash.

Additional info:
There is no crash with the following set of commands:
# id nest_user1; id nest_user3
uid=10299(nest_user1) gid=10000(Group_1) groups=10000(Group_1)
uid=10297(nest_user3) gid=10002(Group_3) groups=10002(Group_3),10001(Group_2),10000(Group_1)  <= But Group1 and Group2 should not be displayed here.
Comment 1 Kaushik Banerjee 2013-01-14 04:29:34 EST
Created attachment 678137 [details]
Backtrace of sssd_be crash
Comment 3 Jakub Hrozek 2013-01-14 04:49:55 EST
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1761
Comment 4 Jakub Hrozek 2013-01-15 14:51:45 EST
Pushed upstream.
Comment 6 Kaushik Banerjee 2013-01-20 06:02:52 EST
Verified with version 1.9.2-74

Report from beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Verify BZ-790848 and BZ-894997 -- when nesting limit is reached
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Sleeping for 5 seconds
:: [   PASS   ] :: Running 'restart_clearing_cache'
:: [   PASS   ] :: Running 'groups nest_user3'
:: [   PASS   ] :: File '/var/log/sssd/sssd_LDAP.log' should not contain '\[sysdb_update_members\] (0x0020): Could not add member \[Group_2\] to group \[Group_1\]'
:: [   PASS   ] :: File '/var/log/messages' should not contain 'segfault'
:: [   LOG    ] :: Duration: 20s
:: [   LOG    ] :: Assertions: 9 good, 0 bad
:: [   PASS   ] :: RESULT: Verify BZ-790848 and BZ-894997 -- when nesting limit is reached
Comment 7 errata-xmlrpc 2013-02-21 04:43:33 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html

Note You need to log in before you can comment on or make changes to this bug.