On Wed, Feb 08, 2012 at 10:20:01AM +0100, Marco Pizzoli wrote:
> Hi,
> I succeed in listing my users retrieved from the ldap server --> "getent
> passwd" works
> I'm failing in listing my groups --> "getent groups" remain stuck after
> have listed my /etc/group groups.
>
> My /etc/nsswitch.conf file:
> passwd: files sss
> group: files sss
> #initgroups: files sss
>
> In /var/log/sssd/sssd_my_ldap.log I see my groups seen and saved:
> [cut]
> (Wed Feb 8 10:09:40 2012) [sssd[be[my_ldap]]] [sdap_save_groups]
> (0x4000): Group 116 processed!
> (Wed Feb 8 10:09:40 2012) [sssd[be[my_ldap]]] [sdap_save_group] (0x2000):
> This is a posix group
> (Wed Feb 8 10:09:40 2012) [sssd[be[my_ldap]]] [sdap_attrs_add_ldap_attr]
> (0x2000): Adding original DN [cn=pdbaraf,ou=groups,dc=dont,dc=mind.it] to
> attributes of [pdbaraf].
> (Wed Feb 8 10:09:40 2012) [sssd[be[my_ldap]]] [sdap_attrs_add_ldap_attr]
> (0x2000): Adding original mod-Timestamp [20110130203138Z] to attributes of
> [pdbaraf].
> (Wed Feb 8 10:09:40 2012) [sssd[be[my_ldap]]] [sdap_save_group] (0x1000):
> Original USN value is not available for [pdbaraf].
> (Wed Feb 8 10:09:40 2012) [sssd[be[my_ldap]]] [sdap_save_group] (0x0400):
> Storing info for group pdbaraf
> [cut]
>
> If I try to list a specific group, I succeed in:
>
> [root@fedora16 sssd]# getent group pdbaraf
> pdbaraf:*:10107:pdbaraf,pusrrafw
>
> With strace I can see this:
>
> [cut]
> connect(4, {sa_family=AF_FILE, path="/var/lib/sss/pipes/nss"}, 110) = 0
> fstat(4, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
> poll([{fd=4, events=POLLOUT}], 1, 300000) = 1 ([{fd=4, revents=POLLOUT}])
> write(4, "\24\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0", 16) = 16
> poll([{fd=4, events=POLLOUT}], 1, 300000) = 1 ([{fd=4, revents=POLLOUT}])
> write(4, "\1\0\0\0", 4) = 4
> poll([{fd=4, events=POLLIN}], 1, 300000) = 1 ([{fd=4, revents=POLLIN}])
> read(4, "\24\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0", 16) = 16
> poll([{fd=4, events=POLLIN}], 1, 300000) = 1 ([{fd=4, revents=POLLIN}])
> read(4, "\1\0\0\0", 4) = 4
> poll([{fd=4, events=POLLOUT}], 1, 300000) = 1 ([{fd=4, revents=POLLOUT}])
> write(4, "\20\0\0\0#\0\0\0\0\0\0\0\0\0\0\0", 16) = 16
> poll([{fd=4, events=POLLIN}], 1, 300000^C <unfinished ...>
>
> Obviously I have my [domain/ldap] section populated with
> enumerate=true
>
> Any help?
>
> Thanks a lot as usual
> Marco
It seems we have broken enumeration..at least on master, I haven't
tested 1.7 yet.
I filed https://fedorahosted.org/sssd/ticket/1182 and I'm looking into
fixing it.
Thank you very much for testing, Marco!
_______________________________________________
sssd-devel mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/sssd-devel
