On Tue, Dec 04, 2012 at 02:47:10PM -0500, Simo Sorce wrote:
This set of functions enumerate the user's groups and invalidate them all if the list does not matches what we get from the caller.
I'm seeing a segfault with this patch when I start with an empty cache and log in as an IPA user. Here is the backtrace:
(gdb) bt #0 __memcpy_ssse3_back () at ../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S:2722 #1 0x000000000041cddb in nss_update_initgr_memcache (nctx=0x13cb170, name=0x13e2a64 "admin", domain=0x13e2a70 "ipaldap", gnum=0, groups=0x0) at src/responder/nss/nsssrv_cmd.c:3383 #2 0x0000000000408583 in nss_memcache_initgr_check (message=0x13d3800, conn=0x13d20b0) at src/responder/nss/nsssrv.c:331 #3 0x000000000046e6af in sbus_message_handler (dbus_conn=0x13d1d30, message=0x13d3800, user_data=0x13d02f0) at src/sbus/sssd_dbus_connection.c:430 #4 0x00000038d261d9c5 in _dbus_object_tree_dispatch_and_unlock (tree=0x13d1a70, message=message@entry=0x13d3800, found_object=found_object@entry=0x7fffd86861a4) at dbus-object-tree.c:862 #5 0x00000038d260fc20 in dbus_connection_dispatch (connection=0x13d1d30) at dbus-connection.c:4672 #6 0x000000000046ce48 in sbus_dispatch (ev=0x13c23b0, te=0x13d6e00, tv=..., data=0x13d20b0) at src/sbus/sssd_dbus_connection.c:104 #7 0x00000038d2207d40 in tevent_common_loop_timer_delay (ev=ev@entry=0x13c23b0) at ../tevent_timed.c:254 #8 0x00000038d22073ec in std_event_loop_once (ev=0x13c23b0, location=<optimized out>) at ../tevent_standard.c:560 #9 0x00000038d2204060 in _tevent_loop_once (ev=ev@entry=0x13c23b0, location=location@entry=0x4a1eff "src/util/server.c:601") at ../tevent.c:507 #10 0x00000038d22041eb in tevent_common_loop_wait (ev=0x13c23b0, location=0x4a1eff "src/util/server.c:601") at ../tevent.c:608 #11 0x00000000004754fb in server_loop (main_ctx=0x13c3530) at src/util/server.c:601 #12 0x000000000040a245 in main (argc=2, argv=0x7fffd86866f8) at src/responder/nss/nsssrv.c:563 (gdb) frame 1 #1 0x000000000041cddb in nss_update_initgr_memcache (nctx=0x13cb170, name=0x13e2a64 "admin", domain=0x13e2a70 "ipaldap", gnum=0, groups=0x0) at src/responder/nss/nsssrv_cmd.c:3383 3383 memcpy(gids, groups, gnum + sizeof(uint32_t)); (gdb) print groups $1 = (uint32_t *) 0x0 (gdb) print gnum $2 = 0
The weird part is that ipa user-show tells me that the user *is* a member of group admins, but here nss doesn't get any groups back.