- add fixes for bug 2170287.

2023-03-27 16:39:42 +08:00 · 2023-03-27 16:39:42 +08:00 · ddadd6b1bc
commit ddadd6b1bc
parent bc803ef35f
3 changed files with 172 additions and 1 deletions
--- a/autofs-5.1.8-dont-immediately-call-function-when-waiting.patch
+++ b/autofs-5.1.8-dont-immediately-call-function-when-waiting.patch
@ -0,0 +1,101 @@
+autofs-5.1.8 - dont immediately call function when waiting
+
+From: Ian Kent <raven@themaw.net>
+
+When autofs needs to wait for a sss connection the connection function
+is immediately called a second time without first waiting. Adjust the
+calling so that there's a wait before the next call.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG            |    1 +
+ modules/lookup_sss.c |   24 ++++++++++++------------
+ 2 files changed, 13 insertions(+), 12 deletions(-)
+
+--- autofs-5.1.7.orig/CHANGELOG
+++ autofs-5.1.7/CHANGELOG
+@@ -114,6 +114,7 @@
+ - fix incorrect path for is_mounted() in try_remount().
+ - fail on empty replicated host name.
+ - improve handling of ENOENT in sss setautomntent().
+- don't immediately call function when waiting.
+ 
+ 25/01/2021 autofs-5.1.7
+ - make bind mounts propagation slave by default.
+--- autofs-5.1.7.orig/modules/lookup_sss.c
+++ autofs-5.1.7/modules/lookup_sss.c
+@@ -338,10 +338,13 @@ static int setautomntent_wait(unsigned i
+ 	     "can't connect to sssd, retry for %d seconds",
+ 	     retries);
+ 
+-	while (++retry <= retries) {
+	while (++retry < retries) {
+ 		struct timespec t = { SSS_WAIT_INTERVAL, 0 };
+ 		struct timespec r;
+ 
+		while (nanosleep(&t, &r) == -1 && errno == EINTR)
+			memcpy(&t, &r, sizeof(struct timespec));
+
+ 		ret = ctxt->setautomntent(ctxt->mapname, sss_ctxt);
+ 		if (proto_version(ctxt) == 0) {
+ 			if (ret != ENOENT)
+@@ -355,9 +358,6 @@ static int setautomntent_wait(unsigned i
+ 			free(*sss_ctxt);
+ 			*sss_ctxt = NULL;
+ 		}
+-
+-		while (nanosleep(&t, &r) == -1 && errno == EINTR)
+-			memcpy(&t, &r, sizeof(struct timespec));
+ 	}
+ 
+ 	if (!ret)
+@@ -475,10 +475,13 @@ static int getautomntent_wait(unsigned i
+ 	 "can't contact sssd to to get map entry, retry for %d seconds",
+ 	 retries);
+ 
+-	while (++retry <= retries) {
+	while (++retry < retries) {
+ 		struct timespec t = { SSS_WAIT_INTERVAL, 0 };
+ 		struct timespec r;
+ 
+		while (nanosleep(&t, &r) == -1 && errno == EINTR)
+			memcpy(&t, &r, sizeof(struct timespec));
+
+ 		ret = ctxt->getautomntent_r(key, value, sss_ctxt);
+ 		if (proto_version(ctxt) == 0) {
+ 			if (ret != ENOENT)
+@@ -487,9 +490,6 @@ static int getautomntent_wait(unsigned i
+ 			if (ret != EHOSTDOWN)
+ 				break;
+ 		}
+-
+-		while (nanosleep(&t, &r) == -1 && errno == EINTR)
+-			memcpy(&t, &r, sizeof(struct timespec));
+ 	}
+ 
+ 	if (!ret)
+@@ -600,10 +600,13 @@ static int getautomntbyname_wait(unsigne
+ 	"can't contact sssd to to lookup key value, retry for %d seconds",
+ 	retries);
+ 
+-	while (++retry <= retries) {
+	while (++retry < retries) {
+ 		struct timespec t = { SSS_WAIT_INTERVAL, 0 };
+ 		struct timespec r;
+ 
+		while (nanosleep(&t, &r) == -1 && errno == EINTR)
+			memcpy(&t, &r, sizeof(struct timespec));
+
+ 		ret = ctxt->getautomntbyname_r(key, value, sss_ctxt);
+ 		if (proto_version(ctxt) == 0) {
+ 			if (ret != ENOENT)
+@@ -612,9 +615,6 @@ static int getautomntbyname_wait(unsigne
+ 			if (ret != EHOSTDOWN)
+ 				break;
+ 		}
+-
+-		while (nanosleep(&t, &r) == -1 && errno == EINTR)
+-			memcpy(&t, &r, sizeof(struct timespec));
+ 	}
+ 
+ 	if (!ret)
--- a/autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch
+++ b/autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch
@ -0,0 +1,59 @@
+autofs-5.1.8 - improve handling of ENOENT in sss setautomntent()
+
+From: Ian Kent <raven@themaw.net>
+
+In the sss lookup module function setautomntent() a return of ENOENT
+isn't handled quite right.
+
+If ENOENT (rather than EHOSTDOWN) is returned from sss setautomntent()
+we should assume the LDAP info. has been read by sss and the entry in
+fact doesn't exist.
+
+Signed-off-by: Ian Kent <raven@themaw.net>
+---
+ CHANGELOG            |    1 +
+ modules/lookup_sss.c |   16 +++++++++++++++-
+ 2 files changed, 16 insertions(+), 1 deletion(-)
+
+--- autofs-5.1.7.orig/CHANGELOG
+++ autofs-5.1.7/CHANGELOG
+@@ -113,6 +113,7 @@
+ - fix minus only option handling in concat_options().
+ - fix incorrect path for is_mounted() in try_remount().
+ - fail on empty replicated host name.
+- improve handling of ENOENT in sss setautomntent().
+ 
+ 25/01/2021 autofs-5.1.7
+ - make bind mounts propagation slave by default.
+--- autofs-5.1.7.orig/modules/lookup_sss.c
+++ autofs-5.1.7/modules/lookup_sss.c
+@@ -394,7 +394,17 @@ static int setautomntent(unsigned int lo
+ 			if (ret != ENOENT)
+ 				goto error;
+ 		} else {
+-			if (ret != ENOENT && ret != EHOSTDOWN)
+			/* If we get an ENOENT here assume it's accurrate
+			 * and return the error.
+			 */
+			if (ret == ENOENT) {
+				error(logopt, MODPREFIX
+				      "setautomountent: entry for map %s not found",
+				      ctxt->mapname);
+				err = NSS_STATUS_NOTFOUND;
+				goto free;
+			}
+			if (ret != EHOSTDOWN)
+ 				goto error;
+ 		}
+ 
+@@ -410,6 +420,10 @@ static int setautomntent(unsigned int lo
+ 			if (ret == EINVAL)
+ 				goto free;
+ 			if (ret == ENOENT) {
+				/* Map info. not found after host became available */
+				error(logopt, MODPREFIX
+				      "setautomountent: entry for map %s not found",
+				      ctxt->mapname);
+ 				err = NSS_STATUS_NOTFOUND;
+ 				goto free;
+ 			}
--- a/autofs.spec
+++ b/autofs.spec
@ -12,7 +12,7 @@
 Summary: A tool for automatically mounting and unmounting filesystems
 Name: autofs
 Version: 5.1.7
-Release: 37%{?dist}
+Release: 38%{?dist}
 Epoch: 1
 License: GPLv2+
 Source: https://www.kernel.org/pub/linux/daemons/autofs/v5/autofs-%{version}-2.tar.gz
@ -139,6 +139,8 @@ Patch111: autofs-5.1.8-fix-memory-leak-in-update_hosts_mounts.patch
 Patch112: autofs-5.1.8-fix-minus-only-option-handling-in-concat_options.patch
 Patch113: autofs-5.1.8-fix-incorrect-path-for-is_mounted-in-try_remount.patch
 Patch114: autofs-5.1.8-fail-on-empty-replicated-host-name.patch
+Patch115: autofs-5.1.8-improve-handling-of-ENOENT-in-sss-setautomntent.patch
+Patch116: autofs-5.1.8-dont-immediately-call-function-when-waiting.patch

 %if %{with_systemd}
 BuildRequires: systemd-units
@ -322,6 +324,8 @@ echo %{version}-%{release} > .version
 %patch112 -p1
 %patch113 -p1
 %patch114 -p1
+%patch115 -p1
+%patch116 -p1

 %build
 LDFLAGS=-Wl,-z,now
@ -430,6 +434,13 @@ fi
 %dir /etc/auto.master.d

 %changelog
+* Mon Mar 27 2023 Ian Kent <ikent@redhat.com> - 1:5.1.7-38
+- bz2170287 - Autofs reports can't connect to sssd, retry for 10
+  seconds when real problem is empty LDAP object
+  - improve handling of ENOENT in sss setautomntent().
+  - dont immediately call function when waiting.
+- Resolves: rhbz#2170287
+
 * Mon Mar 27 2023 Ian Kent <ikent@redhat.com> - 1:5.1.7-37
 - bz2170285 - Users can trigger a simple autofs DoS with wildcard
  automounter maps