On (17/09/13 16:15), Pavel Březina wrote:
On 09/16/2013 01:13 PM, Lukas Slebodnik wrote:
On (16/09/13 12:24), Pavel Březina wrote:
On 09/16/2013 12:15 PM, Jakub Hrozek wrote:
On Mon, Sep 16, 2013 at 11:01:36AM +0200, Pavel Březina wrote:
On 09/13/2013 04:52 PM, Lukas Slebodnik wrote:
ehlo,
Attached patch resolves ticket #2075
LS
Hi,
minor nack.
+ ret = sdap_get_netgroup_primary_name(memctx, opts, attrs, dom, &name);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Failed to get netgroup name\n"));
+ goto fail;
+ }
Wrong indentation ^^ otherwise LGTM
Can you provide steps to reproduce please? I tries following netgroups:
dn: cn=ng-1,ou=Netgroups,dc=ldap,dc=pb
objectClass: top
objectClass: nisNetgroup
cn: ng-1
cn: ng-3
nisNetgroupTriple: (,,bobby,example.com)
nisNetgroupTriple: (,,johny.example.com)
Would it trigger the bug if you reversed the order of the cn attributes?
Or would that make saving the netgroup fail in sssd_be?
Reversing the order of cn attributes did not help but I triggered the
bug when dn=cn=ng-1 had only one cn, but dn=ng-3 had cn=ng-3 and
cn=ng-1.
The same result should be also without patch.
BTW It is a misconfiguration, if you use the same cn in two different entries.
Original problem was that the same netrgoup was stored to ldb
with the first cn attribute and later with the second cn attribute.
LS
OK then. I have cn=ng-1, cn=ng-11 and cn=ng-3,cn=ng-33. Logs looks
clear and it is stored correctly only once using rdn.
However nameAlias still contains wrong cn, we should fix that as well.
dn: name=ng-1,cn=Netgroups,cn=LDAP.PB,cn=sysdb
createTimestamp: 1379426841
name: ng-1
objectClass: netgroup
originalDN: cn=ng-1,ou=Netgroups,dc=ldap,dc=pb
originalModifyTimestamp: 20130917134857Z
netgroupTriple: (,,bobby,example.com)
netgroupTriple: (,,johny.example.com)
*nameAlias: ng-11*
lastUpdate: 1379426841
dataExpireTimestamp: 1379432241
distinguishedName: name=ng-1,cn=Netgroups,cn=LDAP.PB,cn=sysdb
I thought it is intention to have nameAliases for other cn.
ldapsearch -LLL -x -h localhost -b
cn=netgroup_dup_cn,cn=ng_custom,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com
dn: cn=netgroup_dup_cn,cn=ng_custom,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=c
om
objectClass: nisNetgroup
objectClass: top
nisNetgroupTriple: (-,usersssd01,idm.lab.eng.brq.redhat.com)
nisNetgroupTriple: (-,usersssd02,idm.lab.eng.brq.redhat.com)
cn: netgroup_dup_cn
cn: netgroup_netgroup_dup3_cn
cn: netgroup_netgroup_dup4_cn
cn: netgroup_netgroup_dup_cn
And output from sssd cache:
ldbsearch -H /var/lib/sss/db/cache_default.ldb -b
"name=netgroup_dup_cn,cn=Netgroups,cn=default,cn=sysdb"
dn: name=netgroup_dup_cn,cn=Netgroups,cn=default,cn=sysdb
createTimestamp: 1379430258
name: netgroup_dup_cn
objectClass: netgroup
originalDN: cn=netgroup_dup_cn,cn=ng_custom,dc=idm,dc=lab,dc=eng,dc=brq,dc=red
hat,dc=com
originalModifyTimestamp: 20130917145913Z
netgroupTriple: (-,usersssd01,idm.lab.eng.brq.redhat.com)
netgroupTriple: (-,usersssd02,idm.lab.eng.brq.redhat.com)
nameAlias: netgroup_netgroup_dup3_cn
nameAlias: netgroup_netgroup_dup4_cn
nameAlias: netgroup_netgroup_dup_cn
lastUpdate: 1379430258
dataExpireTimestamp: 1379435658
distinguishedName: name=netgroup_dup_cn,cn=Netgroups,cn=default,cn=sysdb
LS
