[SSSD] [sssd PR#128][comment] Fix group renaming issue when "id_provider = ldap" is set

Tue, 29 Aug 2017 15:45:48 -0700 

  URL: https://github.com/SSSD/sssd/pull/128
Title: #128: Fix group renaming issue when "id_provider = ldap" is set

fidencio commented:
"""
So, I've just made a simple test after talking to @jhrozek on #sssd.

Here's the sssd.conf of my IPA client:
```
[root@clnt x86_64]# cat /etc/sssd/sssd.conf 
[domain/freeipa.ff]

cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = freeipa.ff
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = clnt.freeipa.ff
chpass_provider = ipa
ipa_server = _srv_, mstr.freeipa.ff
ldap_tls_cacert = /etc/ipa/ca.crt
debug_level = 10

[sssd]
services = nss, sudo, pam, ssh
domains = freeipa.ff
services_startup_timeout = 90
debug_level = 10

[nss]
homedir_substring = /home
debug_level = 10

[pam]
debug_level = 10

[sudo]
debug_level = 10

[autofs]

[ssh]
debug_level = 10

[pac]

[ifp]

[secrets]
```

Then ...
- Before my patches:
  - Client:
    ```
    [root@clnt x86_64]# id tuser00                  
    uid=289200001(tuser00) gid=289200001(tuser00) 
groups=289200001(tuser00),289200003(oldname)
    ```
  - Server:
     ```
     [root@mstr ~]# ipa group-mod --rename newname oldname                      
                      
     ------------------------                        
     Modified group "oldname"                        
     ------------------------                        
       Group name: newname   
       GID: 289200003        
       Member users: tuser00
     ```
  - Client:
    ```
    [root@clnt x86_64]# sss_cache -E
    [root@clnt x86_64]# id tuser00
    uid=289200001(tuser00) gid=289200001(tuser00) 
groups=289200001(tuser00),289200003
    ```
- `systemctl stop sssd; rm -rf /var/lib/sss/db/*; systemctl start sssd`
- After my patches:
  - Client:
    ```
    [root@clnt x86_64]# id tuser00
    uid=289200001(tuser00) gid=289200001(tuser00) 
groups=289200001(tuser00),289200003(newname)
    ```
  - Server:
    ```
    [root@mstr ~]# ipa group-mod --rename oldname newname
    ------------------------
    Modified group "newname"
    ------------------------
      Group name: oldname
      GID: 289200003
      Member users: tuser00
    ```
  - Client:
     ```
    [root@clnt x86_64]# sss_cache -E
    [root@clnt x86_64]# id tuser00
    uid=289200001(tuser00) gid=289200001(tuser00) 
groups=289200001(tuser00),289200003(oldname)
     ```
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/128#issuecomment-325825877

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

Reply via email to