On Tuesday 2012-07-03 14:20, Stephen Gallagher wrote:
>> The version I am on uses glibc-2.15-725b8ee08aff.tar.xz as source.
>> This tarball ships an nsswitch.conf with the questionable initgroups:
>> line in its default nsswitch.conf (so I am in fact on a susceptible
>> version).
>> However, openSUSE never ships that and instead its own nsswitch.conf,
>> so I never have had any initgroups: line and don't do so to this day.
>> So all commands I executed already were without initgroups:.
>
>Just to rule out the possibility that openSUSE's internal default was
>modified to behave the way the new initgroups line does, can you set
>
>initgroups: files [SUCCESS=continue] sss
>
>explicitly and try that?
Sigh. sssd problems are so hard to reproducible.
v-sfac:/home/jengelh # rm -Rf /var/lib/sss/{db,mc}/*; rcsssd restart
redirecting to systemctl
v-sfac:/home/jengelh # id jengelh
uid=25121(jengelh) gid=100(users) groups=100(users),33(video)
v-sfac:/home/jengelh # getent group 31327
rdesktop:*:31327:jengelh,fzapf,mmaus,mkromer
(^ jengelh was not part of 31327 before...)
v-sfac:/home/jengelh # id jengelh
uid=25121(jengelh) gid=100(users) groups=100(users),33(video)
After adding the nsswitch.conf line:
v-sfac:/home/jengelh # rm -Rf /var/lib/sss/{db,mc}/*; rcsssd restart
redirecting to systemctl
v-sfac:/home/jengelh # id jengelh
uid=25121(jengelh) gid=100(users) groups=100(users),33(video)
v-sfac:/home/jengelh # getent group 31327
rdesktop:*:31327:jengelh,fzapf,mmaus,mkromer
v-sfac:/home/jengelh # id jengelh
uid=25121(jengelh) gid=100(users) groups=100(users),33(video),31327(rdesktop)
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
