Hello all,I am experiencing strange behaviour of some of my NFS clients running SSSD-AD 1.12.1. Some machines seem to be losing the 'group name <-> GID' mapping on files on an NFS share, see this example:
--------------- $ l -d SOMEFOLDER drwxrwxr-x 17 root 4294967294 4096 Nov 6 15:31 SOMEFOLDER/ $ stat SOMEFOLDER File: ‘SOMEFOLDER’ Size: 4096 Blocks: 8 IO Block: 65536 directory Device: 26h/38d Inode: 27258 Links: 17Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: (4294967294/ UNKNOWN)
... --------------- Also all files SOMEFOLDER/* are affected.
I know the group the folder is supposed to have is set correctly and other clients show its name. Also, users who are in the missing group show the groupname and GID just fine when doing an 'id USERNAME'.
Restarting SSSD resolves the issue for some time. My SSSD config is as follows: --------------- [sssd] config_file_version = 2 services = nss,pam domains = default [nss] filter_groups = root filter_users = root [pam] [domain/default] id_provider = ad auth_provider = ad access_provider = simple chpass_provider = ad ad_domain = ... ad_enable_gc = False ldap_id_mapping = False enumerate = False ignore_group_members = True dyndns_update = False cache_credentials = True ldap_search_base = ... ldap_user_search_base = ... ldap_group_search_base = ... ldap_user_search_scope = one ldap_group_search_scope = one krb5_ccachedir = /run/user/%U krb5_ccname_template = DIR:%d/krb5cc override_homedir = ... simple_allow_groups = ... --------------- Is this a known problem with 1.12.1?I will test with 1.12.2 soon, but as the problem only appears randomly, I thought I'd already ask now...
Best regards, J Brauchle
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
