sssd_be crashing with nested ldap groups

[Aaron Bliss]

Hi all,
I have several fully patched RedHat boxes (20 or more), with the 
following sssd rpms installed:

sssd-client-1.9.2-82.4.el6_4.x86_64
sssd-1.9.2-82.4.el6_4.x86_64

Whenever a lookup is done (for example opening an SSH session or running 
groups username) to figure out a users' group membership and that 
particular user is a member of a ldap group that is nested in another 
ldap group, sssd_be aborts with the following logged to /var/log/messages:

kernel: sssd_be[32294]: segfault at 0 ip (null) sp 00007fff4a2f2eb8 
error 14 in sssd_be[400000+87000]

I do make use of the ldap_schema = rfc2307bis and ldap_group_member = 
uniqueMember options, as our ldap provider is Oracle Enterprise 
Directory Server (formally Sun Directory Server).

I have also confirmed that this issue was introduced with an update to 
sssd released sometime after sssd-1.9.2-82.el6.x86_64, as in order to 
further troubleshoot this, I did a clean build of a RedHat 6.4 client, 
used the exact same /etc/sssd/sssd.conf file and have yet to have any 
trouble with the sssd daemon crashing.

While I can avoid the issue by not updating the sssd* rpm's and the 
dependent rpm's, I'm assuming that this is something that the sssd 
developers or RedHat would want to be aware of, since it's doubtful that 
I'm the only one experiencing this issue.  Note that I can't submit a 
support ticket directly to RedHat, as we don't have support for our 
RedHat subscriptions (as an edu, we have the update only subscriptions 
without technical support).

I'm not sure if this is the proper list to post such issue and if not, 
please direct me to a better source or let me know if any further 
information is needed to look into this issue.

Aaron Bliss
Systems Administrator
SUNY Brockport
(585) 395-2417