On Wed, Jun 29, 2011 at 2:01 PM, Jan L. Peterson <[email protected]> wrote: > When I start seeing weird things like this, I often resort to tracing > the program in question to see where it thinks it's getting it's info > from. Try this both as the user and via su and compare the output.
Back to this again. So, I turned off NSCD and had the user rerun the trace, and I reran the trace as well. Both traces go to LDAP to query the user just fine. Just, doing it su'ed to the user returns a getgroups() with 8 entries and doing it as the user returns a getgroups() with one entry. On the strace that returns all groups, there is a bunch of extra LDAP querying to map group ID numbers to names. I'm going to have the user try another machine in his building, to rule out the machine (a machine issue would surprise me, since all the desktops are basically the same, but anything is possible). I will then remove "stapusr" from the local /etc/groups -- we were once upon a time a solaris shop and there is a lot of low group ID use. Most people are members of the "staff" group (wheel in linux, unfortunately) but I will drop him there and see what happens. So much for this being some oddity I missed along the way. Fun times! (With apologies to Jan for getting this twice since I am a giant turkey who cant mash "reply to all" successfully) _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
