[Pkg-sssd-devel] Bug#899272: sssd fails to look up ONE specific group

Daniel Lakeland dlakelan at street-artists.org
Tue May 22 02:27:02 BST 2018 

Package: sssd
Version: 1.16.1-1+b1
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

install and configure sssd

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

look up one specific group, happens to be the smallest gid in my ldap 
directory:

first we look it up by gid, and that works

root at pico:~# getent group 1000
dlakelan:*:1000:

immediately after we try to look it up by name, and it fails

root at pico:~# getent group dlakelan



Here's an edited version of my sssd, edited for privacy
[sssd]
config_file_version = 2
services = nss,pam
#services = nss
# SSSD will not start if you do not configure any domains.
# Add new domain configurations as [domain/<NAME>] sections, and
# then add the list of domains (in the order you want them to be
# queried) to the "domains" attribute below and uncomment it.
domains = mydomain

[nss]

[pam]

[domain/mydomain]
lookup_family_order = ipv4_only
id_provider = ldap
auth_provider = krb5
ldap_schema=rfc2307
ldap_uri = ldap://domain0.mydomain.com, ldap://domain1.mydomain.com
ldap_search_base = dc=mydomain,dc=com
cache_credentials = true
krb5_realm = MYDOMAIN.COM
;ldap_id_use_start_tls = true
;ldap_tls_reqcert = hard
chpass_provider = krb5
krb5_store_password_if_offline = true
dns_discovery_domain = mydomain.com
krb5_ccname_template = /tmp/krb5cc_%U
;use_fully_qualified_names = true
min_id=1000

---------------

It has the flavor of an off-by-one type bug, since every other group 
with higher gid number is looked up both directions just fine.

It is, however, highly annoying


-- System Information:
Debian Release: 8.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sssd depends on:
ii  python3-sss  1.16.1-1+b1
ii  sssd-ad      1.16.1-1+b1
ii  sssd-common  1.16.1-1+b1
ii  sssd-ipa     1.16.1-1+b1
ii  sssd-krb5    1.16.1-1+b1
ii  sssd-ldap    1.16.1-1+b1
ii  sssd-proxy   1.16.1-1+b1

sssd recommends no packages.

sssd suggests no packages.

-- no debconf information

More information about the Pkg-sssd-devel mailing list