URL: https://github.com/SSSD/sssd/pull/128 Title: #128: Fix group renaming issue when "id_provider = ldap" is set
fidencio commented: """ On Wed, Oct 4, 2017 at 3:05 PM, lslebodn notifications@github.com wrote:
Just for the record, the issues mentioned by @lslebodn https://github.com/lslebodn were reported recently and I really would prefer to treat them as not part of this PR (if necessary).
That is wrong preference because after renaming groups there might be two different entries in memory cache with the same UID/GID but with different name. And that is a problem. And must be fixed as part of https://fedorahosted.org/sssd/ticket/3282.
Okay, then. But differently from the other times I'll wait a few weeks before touching this PR again so if something else comes to someone mind I'll do everything at once (and not split in a several requests over a year).
hmm, perhaps we could also forcibly drop the contents of memory cache like we do with the back end to nss back channel when the groups are renamed?
Did you mean with the back end to nss back channel when authentication change initgroups?
Although with the renaming we should not end up with duplicate entries anymore...
Are you sure? Because sysdb will not contain duplicate entries but memory cache might have. Unless you will be lucky and 1st entry before renaming is already expired in memory cache.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/SSSD/sssd/pull/128#issuecomment-334148621, or mute the thread https://github.com/notifications/unsubscribe-auth/AAG4epAy6y99FvuEtpWbdhLTP6lOJZAZks5so4K2gaJpZM4LnEr8 .
"""
See the full comment at https://github.com/SSSD/sssd/pull/128#issuecomment-334151306