SSSD group memberships won't work until is placed in the correct directory.

Bug #658909 reported by Kiall Mac Innes on 2010-10-12
This bug affects 3 people
Affects Status Importance Assigned to Milestone
FreeIPA packaging
sssd (Ubuntu)

Bug Description

Binary package hint: sssd

OS Version: Ubuntu 10.10
SSSD Version: 1.2.1-4

What you expected to happen:
Secondary group memberships to be populated.

What happened instead:
No secondary groups are populated..

A quick fix:
mkdir -p /usr/modules/ldb/ && ln -s /usr/lib/ldb/ /usr/modules/ldb/

Some debugging BG info:
If you run this after setting up SSSD to auth users etc:
$ ldbsearch -H /var/lib/sss/db/cache_DOMAIN.COM.ldb

You should see something like this:
unable to load memberof from /usr/modules/ldb/ /usr/modules/ldb/ cannot open shared object file: No such file or directory
WARNING: Module [memberof] not found

The sssd package places the file into /usr/lib/ldb/

CVE References

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sssd - 1.2.1-4.1ubuntu1

sssd (1.2.1-4.1ubuntu1) natty; urgency=low

  * debian/sssd.install:
    The ldb module directory is now /usr/lib/ldb/modules/ldb.
    (lp: #658909).

sssd (1.2.1-4.1) unstable; urgency=medium

  * Non-maintainer upload by the Security Team
  * Fix CVE-2010-4341 (Closes: #610032)
 -- Michael Bienia <email address hidden> Fri, 28 Jan 2011 15:23:15 +0100

Changed in sssd (Ubuntu):
status: New → Fix Released
Kiall Mac Innes (kiall) wrote :

It looks like this was fixed in natty, Do you know if the fix will be backported to maverick?


To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers