Red Hat Appears to Ignore Secondary Groups for LDAP Users
Tim P. Starrin
Timothy.P.Starrin at nasa.gov
Wed Mar 19 18:02:21 UTC 2008
On Red Hat Enterprise Linux (RHEL) 4 Update 6 with the latest patches
Given the LDAP user "t-bone" with the following group set...
% id
uid=9066(t-bone) gid=121(a00121) groups=121(a00121),144(a00144) \
context=user_u:system_r:unconfined_t
% groups
a00121 a00144
The following operations, which should work on a Linux ext3 file system,
fail...
% ls -la
drwxr-x--- 2 root a00144 4096 Mar 19 13:29 a00144
-r--r----- 1 root a00144 29 Feb 27 18:34 date
% ls a00144
ls: a00144: Permission denied
% cat date
cat: date: Permission denied
Note that file and directory access via the primary group, gid=121(a00121),
works fine.
Did I set up something wrong or is this a real bug?
Thanks.
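
The check below is an added example, not part of the original post: it evaluates the classic Unix mode bits for the credentials and modes shown in the message, so the expected result can be compared with the observed "Permission denied". It assumes root is uid 0 and that a00144 is gid 144 (as in the `id` output); the function names are hypothetical, and ACLs, SELinux and server-side checks are outside what it models.

```python
# Added example: classic owner/group/other evaluation of mode bits only.
# Not modelled: root/capabilities, POSIX ACLs, SELinux, NFS server checks.

def permission_class(st_uid, st_gid, uid, gid, groups):
    """Return the single class that applies: 'owner', 'group' or 'other'.

    Exactly one class is used; an owner never falls through to the
    group bits, even when those would grant more.
    """
    if uid == st_uid:
        return "owner"
    if gid == st_gid or st_gid in groups:
        return "group"
    return "other"


def dac_allows(mode, st_uid, st_gid, uid, gid, groups, want):
    """True if the mode bits grant every right in want (subset of 'rwx')."""
    cls = permission_class(st_uid, st_gid, uid, gid, groups)
    shift = {"owner": 6, "group": 3, "other": 0}[cls]
    granted = (mode >> shift) & 0o7
    needed = sum({"r": 4, "w": 2, "x": 1}[c] for c in want)
    return granted & needed == needed


# Values taken from the post's `id` and `ls -la` output.
UID, GID, GROUPS = 9066, 121, {121, 144}
ROOT, A00144 = 0, 144            # assumed numeric owner and group ids
DIR_MODE, FILE_MODE = 0o750, 0o440  # drwxr-x--- and -r--r-----


def post_case(groups=GROUPS):
    """Evaluate 'ls a00144' (needs r+x) and 'cat date' (needs r)."""
    return {
        "ls a00144": dac_allows(DIR_MODE, ROOT, A00144, UID, GID, groups, "rx"),
        "cat date": dac_allows(FILE_MODE, ROOT, A00144, UID, GID, groups, "r"),
    }


if __name__ == "__main__":
    print("groups as reported by id:", post_case())
    # Same check with gid 144 absent from the credential set (constructed case).
    print("without gid 144:         ", post_case({121}))
```

With the group set printed by `id`, both operations pass the mode-bit check; with gid 144 left out of the set, both are denied.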