2017-10-28 22:02:38 |
Uli |
bug |
|
|
added bug |
2017-10-28 22:02:38 |
Uli |
attachment added |
|
03-nss.c.patch https://bugs.launchpad.net/bugs/1728310/+attachment/4999045/+files/03-nss.c.patch |
|
2017-10-28 22:06:46 |
Uli |
description |
nss.c uses wrong '@' sign to detect the NFS domain resulting in the following error messages:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22 |
nss.c uses wrong '@' sign to detect the NFS domain resulting in the following error messages:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
|
2017-10-28 22:08:06 |
Uli |
description |
nss.c uses wrong '@' sign to detect the NFS domain resulting in the following error messages:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
nss.c uses wrong '@' sign to detect the NFS domain resulting in "nobody" ownerships and the following error messages:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
|
2017-10-28 22:09:02 |
Uli |
description |
nss.c uses wrong '@' sign to detect the NFS domain resulting in "nobody" ownerships and the following error messages:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
nss.c uses wrong '@' sign to detect the NFS domain resulting in "nobody" ownerships and the following error messages in an IPA environment:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
|
2017-10-28 22:11:57 |
Uli |
description |
nss.c uses wrong '@' sign to detect the NFS domain resulting in "nobody" ownerships and the following error messages in an IPA environment:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
Environment: IPA + NFSv4 (sec=krb5).
nss.c uses wrong '@' sign to detect the NFS domain resulting in "nobody" ownerships and the following error messages in an IPA environment:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
|
2017-10-29 00:29:22 |
Ubuntu Foundations Team Bug Bot |
tags |
xenial |
patch xenial |
|
2017-10-29 00:29:34 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Review Team |
2017-10-29 08:42:59 |
Hans Joachim Desserud |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768 |
|
2017-10-29 08:42:59 |
Hans Joachim Desserud |
bug task added |
|
autofs (Debian) |
|
2017-10-29 09:37:33 |
Bug Watch Updater |
autofs (Debian): status |
Unknown |
New |
|
2017-10-30 06:25:50 |
Uli |
attachment removed |
03-nss.c.patch https://bugs.launchpad.net/ubuntu/+source/autofs/+bug/1728310/+attachment/4999045/+files/03-nss.c.patch |
|
|
2017-10-30 06:29:42 |
Uli |
attachment added |
|
1-0.25-5ubuntu1.debdiff https://bugs.launchpad.net/ubuntu/+source/autofs/+bug/1728310/+attachment/4999879/+files/1-0.25-5ubuntu1.debdiff |
|
2017-10-30 14:56:29 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
2017-10-31 03:22:58 |
Uli |
attachment added |
|
2-0.25-5ubuntu1.debdiff https://bugs.launchpad.net/ubuntu/+source/autofs/+bug/1728310/+attachment/5000612/+files/2-0.25-5ubuntu1.debdiff |
|
2017-10-31 03:50:43 |
Uli |
attachment removed |
1-0.25-5ubuntu1.debdiff https://bugs.launchpad.net/ubuntu/+source/autofs/+bug/1728310/+attachment/4999879/+files/1-0.25-5ubuntu1.debdiff |
|
|
2017-10-31 03:54:39 |
Uli |
affects |
autofs (Ubuntu) |
libnfsidmap (Ubuntu) |
|
2017-10-31 04:37:29 |
Launchpad Janitor |
libnfsidmap (Ubuntu): status |
New |
Confirmed |
|
2017-10-31 04:38:05 |
Robert Sturrock |
bug |
|
|
added subscriber Robert Sturrock |
2018-02-22 00:23:48 |
Dylan McCulloch |
bug |
|
|
added subscriber Dylan McCulloch |
2018-03-05 06:34:30 |
Mathew Hodson |
affects |
autofs (Debian) |
libnfsidmap (Debian) |
|
2018-03-05 06:36:32 |
Mathew Hodson |
libnfsidmap (Ubuntu): importance |
Undecided |
Medium |
|
2018-08-17 04:36:27 |
Simon Quigley |
removed subscriber Ubuntu Review Team |
|
|
|
2018-08-17 04:36:28 |
Simon Quigley |
removed subscriber Ubuntu Sponsors Team |
|
|
|
2018-08-17 06:19:13 |
Uli |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
2018-11-25 01:00:38 |
Mathew Hodson |
description |
Environment: IPA + NFSv4 (sec=krb5).
nss.c uses wrong '@' sign to detect the NFS domain resulting in "nobody" ownerships and the following error messages in an IPA environment:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22
Affects at least libnfsidmap2=0.25-5 and 0.25-5.1 on 16.04, 16.10, 17.04, 17.10
Corresponding Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744768
Tested patch attached. |
[Impact]
* In a multi-domain environment setup with LDAP or IPA, the username is not parsed correctly, resulting in id mapping issues.
* As a result, NFSv4 cannot be used in a multi-domain environment at all if the username is of the form user@authentication_domain@idmap_domain
* The attached patch fixes an almost 10 year old bug in the libnfsidmap library. The patch is included already in a similar form in current RHEL releases.
* Affects at least libnfsidmap2 0.25-5 on Ubuntu 16.04, 16.10, 17.04, 17.10.
[Test Case]
* IPA with 2 different user domains. For example: user1@domain1 and user2@domain2.
* NFSv4 server enrolled into IPA.
* NFS client enrolled into IPA. User and group names coming from IPA have an '@' in them.
[Regression Potential]
* The attached patch has been in production in a major organisation with more than 500 Ubuntu clients for more than a year now and has not shown any issues.
[Other Info]
Environment: IPA + NFSv4 (sec=krb5)
nss.c uses wrong '@' sign to detect the NFS domain resulting in "nobody" ownerships and the following error messages in an IPA environment:
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: key: 0x2c254c26 type: uid value: rns@localdomain@ipa.localdomain timeout 600
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: calling nsswitch->name_to_uid
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' domain 'ipa.localdomain': resulting localname '(null)'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nss_getpwnam: name 'rns@localdomain@ipa.localdomain' does not map into domain 'ipa.localdomain'
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: nsswitch->name_to_uid returned -22
Oct 25 16:49:42 ubuntu-16.04-client.sub.localdomain nfsidmap[6163]: nfs4_name_to_uid: final return value is -22 |
|
2019-03-21 18:33:00 |
Andreas Hasenack |
marked as duplicate |
|
1819197 |
|