Description of problem:
All member users are not returned on looking up top level parent group
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. sssd.conf domain section:
id_provider = local
2. Add the groups as follows:
parent(member: user1, child)
# sss_groupadd parent
# sss_groupadd child
# sss_groupmod -a parent child
# sss_useradd user1
# sss_useradd user2
# sss_usermod -a parent user1
# sss_usermod -a child user2
# getent -s sss group parent
parent:*:1000:user1 <== user1,user2 should have been returned.
Child member is not returned on lookup up parent group.
All members should be returned.
This was working as expected till version 1.9.2-68
(In reply to comment #0)
> This was working as expected till version 1.9.2-68
It was, but pretty much by accident only because nobody requested the parent group before. The root cause of the bug is that when we modify the parent group with "sss_usermod -a parent user1" we invalidate the memory entry of parent in memory cache, but we only invalidate the child group when adding user2 into it.
The proper fix is to invalidate all parent groups of groups being modified, too.
*** This bug has been marked as a duplicate of bug 895132 ***