[Bug]: lsd displays numeric UIDs instead of usernames in SSS/LDAP environments

[gaohongkui]

Bug Description

In environments using SSS (System Security Services Daemon) for user management (such as LDAP or Active Directory integration), lsd displays numeric user IDs instead of actual usernames in the user/group columns.

Environment

• lsd version: 1.1.5
• Operating System: Linux (SSH remote environment)
• User Management: SSS with LDAP integration
• NSS Configuration: /etc/nsswitch.conf contains passwd: compat systemd sss
• Architecture: x86_64

Steps to Reproduce

1. Set up an environment with SSS-based user management (LDAP/AD)
2. Ensure current user is managed through SSS (not in /etc/passwd)
3. Run lsd -l in any directory
4. Observe the user/group columns

Expected Behavior

Should display actual usernames and group names, similar to the native ls -l command:

-rw-r--r-- username groupname   1234 2024-01-15 10:30 example.txt

Actual Behavior

Displays numeric UIDs/GIDs instead of names:

-rw-r--r-- 1234567 1234567   1234 2024-01-15 10:30 example.txt

Additional Information

Verification Commands

• getent passwd $(id -u) works correctly and returns user information
• ls -l (native command) displays usernames correctly
• Only lsd is affected by this issue

Root Cause Analysis

• The issue occurs because lsd cannot properly access NSS SSS modules for user name resolution
• The problem is specific to environments where users are managed through SSS rather than local /etc/passwd

Working Solution

The issue can be resolved by preloading the NSS SSS library:

export LD_PRELOAD="/lib/x86_64-linux-gnu/libnss_sss.so.2"
lsd -l  # Now correctly displays usernames

Environment Detection Script

# Check if SSS is configured
if [ -f /lib/x86_64-linux-gnu/libnss_sss.so.2 ] && grep -q "sss" /etc/nsswitch.conf 2>/dev/null; then
  echo "SSS environment detected - lsd may need LD_PRELOAD workaround"
fi

Suggested Fixes

1. Library Linking: Explicitly link against NSS SSS libraries during compilation
2. Runtime Detection: Add runtime detection for SSS environments and automatically apply the LD_PRELOAD workaround
3. Documentation: Document this issue and workaround in the README for enterprise/LDAP users
4. Configuration Option: Add a configuration option to enable SSS support

Impact

This bug affects users in enterprise environments where:

• LDAP/Active Directory integration is common
• SSH access to remote servers is standard
• User management is centralized through SSS

Related Issues

• This appears to be a rare but significant issue for enterprise users
• Limited documentation available online for this specific problem
• Similar issues may exist with other NSS modules (NIS, etc.)

System Information

Click to expand system details

# NSS configuration
$ cat /etc/nsswitch.conf | grep passwd
passwd: compat systemd sss

# User information (anonymized)
$ id
uid=1234567(username) gid=1234567(groupname) groups=1234567(groupname)

# SSS library
$ ls -la /lib/x86_64-linux-gnu/libnss_sss.so.2
-rw-r--r-- 1 root root [size] [date] /lib/x86_64-linux-gnu/libnss_sss.so.2

# lsd version
$ lsd --version
lsd 1.1.5

---

Labels: bug, enhancement, help wanted