[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

id gives conflicting results


I was digging around a problem with a user not being able to access his
cdrom even though the user belongs to group cdrom (as reported by "groups
user") and the cdrom device is mode rw- group cdrom. It was immediately
clear this is a libnss-ldap issue, since the problem disappears if I add
the user to local (i.e. /etc/group) cdrom group and remove ldap from
group-line in /etc/nsswitch.conf.

Now, what I am concerned about is this. I am logged in as user "juhaj" and

~> id
uid=1000(juhaj) gid=1000(juhaj)

~> id juhaj
uid=1000(juhaj) gid=1000(juhaj)

These are different, why? According to man id "id" and "id
<currently logged on user>" are the same. The other command sees four
strange groups > 30000 - those are related to openafs kernel tokens and
thus are not "real" groups. The first command, however sees some groups
twice and even in a different order. Can the groups seen twice are a
result of juhaj being a member of these groups both in LDAP and
in /etc/group?

The name service is configured as (I know [SUCCESS=return] is the default,
but having been hit by changing defaults more times than I can count, I
always explicitly mention those defaults that I depend on.)

passwd:         ldap [SUCCESS=return] compat
group:          ldap [SUCCESS=return] compat

Can this be related to the not-able-to-access-cdrom problem and is this a


                | Juha Jäykkä, juolja@utu.fi			|
		| Laboratory of Theoretical Physics		|
		| Department of Physics, University of Turku	|
                | home: http://www.utu.fi/~juolja/              |

Attachment: signature.asc
Description: PGP signature

Reply to: