sssd_be crashing with nested ldap groups

Truhn, Chad Chad.Truhn at bowheadsupport.com
Fri May 17 16:03:04 UTC 2013 

If you believe this is a bug, the best option (sans support) is submit a bug on the Red Hat Bugzilla site.  No support contract needed.  

https://bugzilla.redhat.com/

If you haven't already, check to see if this has already been submitted before posting a new bug.  They might already be aware of this issue and could potentially have a patch.

Sorry I can't help with the actual issue, but the bugzilla route will get you the proper eyes on the problem.

Good luck,
Chad
________________________________________
From: redhat-list-bounces at redhat.com [redhat-list-bounces at redhat.com] on behalf of Aaron Bliss [abliss at brockport.edu]
Sent: Tuesday, May 14, 2013 9:07 AM
To: 'General Red Hat Linux discussion list'
Subject: sssd_be crashing with nested ldap groups

Hi all,
I have several fully patched RedHat boxes (20 or more), with the
following sssd rpms installed:

sssd-client-1.9.2-82.4.el6_4.x86_64
sssd-1.9.2-82.4.el6_4.x86_64

Whenever a lookup is done (for example opening an SSH session or running
groups username) to figure out a users' group membership and that
particular user is a member of a ldap group that is nested in another
ldap group, sssd_be aborts with the following logged to /var/log/messages:

kernel: sssd_be[32294]: segfault at 0 ip (null) sp 00007fff4a2f2eb8
error 14 in sssd_be[400000+87000]

I do make use of the ldap_schema = rfc2307bis and ldap_group_member =
uniqueMember options, as our ldap provider is Oracle Enterprise
Directory Server (formally Sun Directory Server).

I have also confirmed that this issue was introduced with an update to
sssd released sometime after sssd-1.9.2-82.el6.x86_64, as in order to
further troubleshoot this, I did a clean build of a RedHat 6.4 client,
used the exact same /etc/sssd/sssd.conf file and have yet to have any
trouble with the sssd daemon crashing.

While I can avoid the issue by not updating the sssd* rpm's and the
dependent rpm's, I'm assuming that this is something that the sssd
developers or RedHat would want to be aware of, since it's doubtful that
I'm the only one experiencing this issue.  Note that I can't submit a
support ticket directly to RedHat, as we don't have support for our
RedHat subscriptions (as an edu, we have the update only subscriptions
without technical support).

I'm not sure if this is the proper list to post such issue and if not,
please direct me to a better source or let me know if any further
information is needed to look into this issue.

Aaron Bliss
Systems Administrator
SUNY Brockport
(585) 395-2417



--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list