/usr/bin/id does not show ldap groups
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libnss-ldap (Ubuntu) |
Expired
|
Undecided
|
Unassigned |
Bug Description
We've found a bug with libnss:
Configure your system to use /etc-files then ldap, nis, or whatever. Have your user in some local groups, *and* in some ldap, nis, whatever only groups. Then logoff, logon again. Do "getent group". All groups are listed -- local ones and the ldap, nis, other ones. Now do "id". Only local groups are shown. You are not a member of any ldap, nis, orwhatever defined group!
This is quite bad, mainly, if groups are defined to disallow users access.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: apport 1.20.1-0ubuntu5
ProcVersionSign
Uname: Linux 2.6.38-
Architecture: i386
CrashReports:
600:2023:
600:0:
600:0:
Date: Wed Apr 27 10:54:09 2011
InstallationMedia: Ubuntu-Server 10.04 LTS "Lucid Lynx" - Release i386 (20100427)
PackageArchitec
ProcEnviron:
LANGUAGE=en_US:en
LANG=en_US.UTF-8
SHELL=/bin/zsh
SourcePackage: apport
UpgradeStatus: Upgraded to natty on 2011-02-03 (82 days ago)
affects: | ubuntu → libnss-ldap (Ubuntu) |
summary: |
- https://bugs.launchpad.net/ubuntu/+source/apport/+filebug/0daa4734-70ac-11e0-a32f-002481e7f48a? + /usr/bin/id does not show ldap groups |
It was necessary to submit this bug with a "dummy" package, because it was not possible to give apport the correct package name. It just told over and over again about "unknown package".
The bug is active since yesterday, 26th, April 2011. We've noticed this bug first 27th, April 2011.
We've found that it affects:
Ubuntu 10.04.2 LTS
Ubuntu 10.10
Ubuntu 11.04
It is a security vulnerability, if groups are used to disallow access.