On Tuesday 2012-07-03 13:58, Stephen Gallagher wrote: >> In sssd-1.8.3 and earlier, issuing `getent passwd jengelh` would return >> me all the (primary and) secondary groups I am a mamber of. Something >> like >> uid=25121(jengelh) gid=100(users) >> groups=100(users),399(abuild),56485(friends), >> 27072(netitwork),31327(rdesktop) >> >> In sssd-1.8.93, this is no longer the case, and instead I get: >> uid=25121(jengelh) gid=100(users) groups=100(users),33(video) >> >> `getent group 31327` has to say: >> rdesktop:*:31327:fz,mm,mk >> >> `ldapsearch -x cn=rdesktop`: >> [...] member: uid=jengelh,ou=users,o=company
>Remove the "initgroups: " line from /etc/nsswitch.conf, then try the >above commands again. The version I am on uses glibc-2.15-725b8ee08aff.tar.xz as source. This tarball ships an nsswitch.conf with the questionable initgroups: line in its default nsswitch.conf (so I am in fact on a susceptible version). However, openSUSE never ships that and instead its own nsswitch.conf, so I never have had any initgroups: line and don't do so to this day. So all commands I executed already were without initgroups:. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
