Re: sssd_be crashing with nested ldap groups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,
Apologies for the confusion. Our fully patched boxes are running the following rpm versions:

sssd-1.9.2-82.7.el6_4.x86_64
sssd-client-1.9.2-82.7.el6_4.x86_64

So the issue was introduced sometime between sssd-1.9.2-82.el6.x86_64 and sssd-1.9.2-82.7.el6_4.x86_64.

Aaron
On 5/14/2013 9:07 AM, Aaron Bliss wrote:
Hi all,
I have several fully patched RedHat boxes (20 or more), with the following sssd rpms installed:

sssd-client-1.9.2-82.4.el6_4.x86_64
sssd-1.9.2-82.4.el6_4.x86_64

Whenever a lookup is done (for example opening an SSH session or running groups username) to figure out a users' group membership and that particular user is a member of a ldap group that is nested in another ldap group, sssd_be aborts with the following logged to /var/log/messages:

kernel: sssd_be[32294]: segfault at 0 ip (null) sp 00007fff4a2f2eb8 error 14 in sssd_be[400000+87000]

I do make use of the ldap_schema = rfc2307bis and ldap_group_member = uniqueMember options, as our ldap provider is Oracle Enterprise Directory Server (formally Sun Directory Server).

I have also confirmed that this issue was introduced with an update to sssd released sometime after sssd-1.9.2-82.el6.x86_64, as in order to further troubleshoot this, I did a clean build of a RedHat 6.4 client, used the exact same /etc/sssd/sssd.conf file and have yet to have any trouble with the sssd daemon crashing.

While I can avoid the issue by not updating the sssd* rpm's and the dependent rpm's, I'm assuming that this is something that the sssd developers or RedHat would want to be aware of, since it's doubtful that I'm the only one experiencing this issue. Note that I can't submit a support ticket directly to RedHat, as we don't have support for our RedHat subscriptions (as an edu, we have the update only subscriptions without technical support).

I'm not sure if this is the proper list to post such issue and if not, please direct me to a better source or let me know if any further information is needed to look into this issue.

Aaron Bliss
Systems Administrator
SUNY Brockport
(585) 395-2417



--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list




[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux