You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 995448
Description of problem:
Sssd doesn't seem to provide rfc2307bis group members to the system until after
10 minutes from starting and first attempt to retrieve them.
If an rfc2307bis group containing a single member is present in LDAP directory,
sssd is started with enumeration disabled and a clean cache, then output of
"getent group GROUP" doesn't show any members until after about 10 minutes from
the start and the first retrieval attempt. The "id USER" output, OTOH, shows
the group membership at all times.
With the same setup and enumeration *enabled*, the group appears to have the
member right from the start.
Version-Release number of selected component (if applicable):
sssd-common-1.11.0-0.2.beta2.el7.x86_64
sssd-ad-1.11.0-0.2.beta2.el7.x86_64
python-sssdconfig-1.11.0-0.2.beta2.el7.noarch
sssd-client-1.11.0-0.2.beta2.el7.x86_64
sssd-krb5-common-1.11.0-0.2.beta2.el7.x86_64
sssd-ldap-1.11.0-0.2.beta2.el7.x86_64
sssd-proxy-1.11.0-0.2.beta2.el7.x86_64
sssd-ipa-1.11.0-0.2.beta2.el7.x86_64
sssd-1.11.0-0.2.beta2.el7.x86_64
libsss_idmap-1.11.0-0.2.beta2.el7.x86_64
sssd-krb5-1.11.0-0.2.beta2.el7.x86_64
How reproducible:
always
Steps to Reproduce:
1. Use the attached entries.ldif file to fill the LDAP directory.
2. Use the attached sssd.conf file as the basis for sssd configuration.
3. Remove all files from /var/lib/sss/db.
4. Start sssd.
5. Execute "getent group group10000".
6. Execute "id user10000".
7. Wait about 10 minutes.
8. Execute "getent group group10000".
Actual results:
group10000:*:10000:
uid=10000(user10000) gid=10001(user10000)
groups=10001(user10000),10000(group10000)
group10000:*:10000:user10000
Expected results:
group10000:*:10000:user10000
uid=10000(user10000) gid=10001(user10000)
groups=10001(user10000),10000(group10000)
group10000:*:10000:user10000
Additional info:
This works on RHEL6 with sssd 1.9.2-82.7.
This might be related to Bug 995031.
Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/2302
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 995448
Comments
Comment from dpal at 2014-04-10 15:13:59
Fields changed
blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
milestone: NEEDS_TRIAGE => SSSD 1.13 beta
review: True => 0
selected: =>
testsupdated: => 0
Comment from dpal at 2014-09-26 18:49:59
Fields changed
mark: => 0
Comment from jhrozek at 2015-02-10 14:30:19
Fields changed
milestone: SSSD 1.13 beta => SSSD 1.13 backlog
priority: major => minor
Comment from jhrozek at 2015-02-12 20:27:22
Mass-moving tickets not planned for the next two releases.
Please reply with a comment if you disagree about the move..
milestone: SSSD 1.13 backlog => SSSD 1.15 beta
Comment from jhrozek at 2016-11-25 10:36:59
Suggest to close, I don't think anyone was able to reproduce this issue ever since.
review: 0 => 1
selected: => Not need
sensitive: => 0
Comment from jhrozek at 2016-12-05 15:33:32
We couldn't reproduce the issue since it was initially reported, therefore I'm closing the ticket.
resolution: => worksforme
status: new => closed
Comment from jhrozek at 2017-02-24 14:28:05
Metadata Update from @jhrozek:
The text was updated successfully, but these errors were encountered: