Skip to content

Group creation when there are no groups found in userinfo and no primary_group set

For example, for DEEP IAM: no eduperson_entitlement claim present, list of groups in groups claim.

In non-interactive mode, when there is no primary_group configured, it attempts to create a group None:

INFO:ldf_adapter:init
INFO:ldf_adapter.name_generators:Potential username: dianagudu
WARNING:ldf_adapter:Not a single group found; This may be ok, depending on the request type
INFO:ldf_adapter:init done
INFO:ldf_adapter:Incoming request to 'deployed' user 'diana.gudu@kit.edu' (84ff0332-c96c-4067-b496-84ee5a9b7558@https%3A%2F%2Fiam.deep-hybrid-datacloud.eu%2F)
INFO:ldf_adapter:Creating group None
Traceback (most recent call last):
  File "/home/diana/workspace/ssh-oidc/venv/bin/feudal-adapter", line 10, in <module>
    sys.exit(main())
  File "/home/diana/workspace/ssh-oidc/venv/lib/python3.9/site-packages/ldf_adapter/interface.py", line 31, in main
    result = User(data).reach_state(data['state_target'])
  File "/home/diana/workspace/ssh-oidc/venv/lib/python3.9/site-packages/ldf_adapter/__init__.py", line 167, in reach_state
    return self.deploy()
  File "/home/diana/workspace/ssh-oidc/venv/lib/python3.9/site-packages/ldf_adapter/__init__.py", line 189, in deploy
    self.ensure_groups_exist()
  File "/home/diana/workspace/ssh-oidc/venv/lib/python3.9/site-packages/ldf_adapter/__init__.py", line 360, in ensure_groups_exist
    group.create()
  File "/home/diana/workspace/ssh-oidc/venv/lib/python3.9/site-packages/ldf_adapter/backend/local_unix.py", line 176, in create
    subprocess.run(['groupadd', self.name],
  File "/usr/lib/python3.9/subprocess.py", line 501, in run
    with Popen(*popenargs, **kwargs) as process:
  File "/usr/lib/python3.9/subprocess.py", line 947, in __init__
    self._execute_child(args, executable, preexec_fn, close_fds,
  File "/usr/lib/python3.9/subprocess.py", line 1752, in _execute_child
    self.pid = _posixsubprocess.fork_exec(
TypeError: expected str, bytes or os.PathLike object, not NoneType

What is the desired behaviour here?

  • consider groups claim
  • add user to a default group for such cases
  • catch error and return fail message with explanation
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

A HIFIS Service | Privacy | Imprint | Support | Documentation | Changelog