sssd_be crashing with nested ldap groups

Aaron Bliss abliss at brockport.edu
Fri May 17 16:07:29 UTC 2013 

Chad,
Thanks for following up.  I actually did follow a bugzilla report:

https://bugzilla.redhat.com/show_bug.cgi?id=963235

Turns out to be an actual bug with sssd. Specifically, the issue is not 
triggered by the processing of nested ldap groups, but rather when 
sssd_be encounters any group (nested or otherwise) that contains an 
invalid user object (i.e. as user that has been purged).

Aaron
On 5/17/2013 12:03 PM, Truhn, Chad wrote:
> If you believe this is a bug, the best option (sans support) is submit a bug on the Red Hat Bugzilla site.  No support contract needed.
>
> https://bugzilla.redhat.com/
>
> If you haven't already, check to see if this has already been submitted before posting a new bug.  They might already be aware of this issue and could potentially have a patch.
>
> Sorry I can't help with the actual issue, but the bugzilla route will get you the proper eyes on the problem.
>
> Good luck,
> Chad
> ________________________________________
> From: redhat-list-bounces at redhat.com [redhat-list-bounces at redhat.com] on behalf of Aaron Bliss [abliss at brockport.edu]
> Sent: Tuesday, May 14, 2013 9:07 AM
> To: 'General Red Hat Linux discussion list'
> Subject: sssd_be crashing with nested ldap groups
>
> Hi all,
> I have several fully patched RedHat boxes (20 or more), with the
> following sssd rpms installed:
>
> sssd-client-1.9.2-82.4.el6_4.x86_64
> sssd-1.9.2-82.4.el6_4.x86_64
>
> Whenever a lookup is done (for example opening an SSH session or running
> groups username) to figure out a users' group membership and that
> particular user is a member of a ldap group that is nested in another
> ldap group, sssd_be aborts with the following logged to /var/log/messages:
>
> kernel: sssd_be[32294]: segfault at 0 ip (null) sp 00007fff4a2f2eb8
> error 14 in sssd_be[400000+87000]
>
> I do make use of the ldap_schema = rfc2307bis and ldap_group_member =
> uniqueMember options, as our ldap provider is Oracle Enterprise
> Directory Server (formally Sun Directory Server).
>
> I have also confirmed that this issue was introduced with an update to
> sssd released sometime after sssd-1.9.2-82.el6.x86_64, as in order to
> further troubleshoot this, I did a clean build of a RedHat 6.4 client,
> used the exact same /etc/sssd/sssd.conf file and have yet to have any
> trouble with the sssd daemon crashing.
>
> While I can avoid the issue by not updating the sssd* rpm's and the
> dependent rpm's, I'm assuming that this is something that the sssd
> developers or RedHat would want to be aware of, since it's doubtful that
> I'm the only one experiencing this issue.  Note that I can't submit a
> support ticket directly to RedHat, as we don't have support for our
> RedHat subscriptions (as an edu, we have the update only subscriptions
> without technical support).
>
> I'm not sure if this is the proper list to post such issue and if not,
> please direct me to a better source or let me know if any further
> information is needed to look into this issue.
>
> Aaron Bliss
> Systems Administrator
> SUNY Brockport
> (585) 395-2417
>
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
>
>

More information about the redhat-list mailing list