'id' fails to resolve groups when used with nss-ldap
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
coreutils (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: coreutils
When using LDAP as a users/group storage and name service switch to get them from, one can notice that for some users their group information cannot be fetched. This could fail for both local-users and ldap-users, as well can be successfull for ldap-users.
$ id root
uid=0(root) gid=0(root)Aborted (core dumped)
As a normal user:
$ id avahi
uid=108(avahi) gid=118(
As root:
$ sudo id avahi
uid=108(avahi) gid=118(avahi)id: failed to get groups for user `avahi': No such file or directory
$ id toor
uid=1000(toor) gid=1000(
'toor' is the only 'local' user for wich the call succeeds! Note, in this example, that '1000(A_
'feisty' and 'gutsy' , as well as 'Debian 4.0' machines always resolve groups from the same LDAP server. Also tested on a LDAP server with only 2 users and 2 groups, always fails for Hardy and works for older versions.
This problem prevents most of local daemons (avahi, dbus, etc.) from start!
Workaround: disable ldap for groups in /etc/nsswitch.conf, so that users are resolved both from files and ldap while groups only from files.
libnss-ldap: 258-1ubuntu2
libc6: 2.7-5ubuntu2
description: | updated |