Compare commits
No commits in common. "imports/c9/slapi-nis-0.60.0-5.el9_3" and "c8-stream-DL1" have entirely different histories.
imports/c9
...
c8-stream-
|
@ -1,102 +0,0 @@
|
|||
From ee94788e63d9f35daca7c0d1e80a488f738a9c52 Mon Sep 17 00:00:00 2001
|
||||
From: Thierry Bordaz <tbordaz@redhat.com>
|
||||
Date: Fri, 1 Sep 2023 11:02:08 +0200
|
||||
Subject: [PATCH 1/2] BZ 2124214 - schema compat plugin deadlock on delete post
|
||||
op
|
||||
|
||||
Bug description:
|
||||
backends locks (SC map and retroCL) are acquired in
|
||||
the opposite order
|
||||
(https://bugzilla.redhat.com/show_bug.cgi?id=2124214#c17)
|
||||
|
||||
Fix description:
|
||||
Credits of the fix are to Pierre Rogier who found
|
||||
a reproducible testcase, did the fix and verified it.
|
||||
|
||||
In specific condition of retroCL trimming the DEL
|
||||
callback of the SC should check if the backend should
|
||||
be ignored
|
||||
|
||||
relates: 2124214
|
||||
---
|
||||
src/back-shr.c | 12 ++++++++++++
|
||||
1 file changed, 12 insertions(+)
|
||||
|
||||
diff --git a/src/back-shr.c b/src/back-shr.c
|
||||
index ce2b1f3..1792bef 100644
|
||||
--- a/src/back-shr.c
|
||||
+++ b/src/back-shr.c
|
||||
@@ -2811,6 +2811,18 @@ backend_shr_delete_cb(Slapi_PBlock *pb)
|
||||
if (wrap_get_call_level() > 0) {
|
||||
return 0;
|
||||
}
|
||||
+ /* especially important to test if we want to prevent frequent
|
||||
+ * deadlocks when backends are accesses in opposite order.
|
||||
+ * i.e. "regular" update on domain map+retroCL and retroCL trimming
|
||||
+ * retroCL+domain map
|
||||
+ */
|
||||
+ if (backend_shr_write_ignore(pb)) {
|
||||
+#if DEBUG_MAP_LOCK
|
||||
+ slapi_log_error(SLAPI_LOG_FATAL, "schema-compat",
|
||||
+ "backend_shr_delete_cb: (%p) operation is not impacting schema compat\n", PR_MyThreadId(), 1);
|
||||
+#endif
|
||||
+ return 0;
|
||||
+ }
|
||||
|
||||
/* Read parameters from the pblock. */
|
||||
slapi_pblock_get(pb, SLAPI_PLUGIN_PRIVATE, &cbdata.state);
|
||||
--
|
||||
2.41.0
|
||||
|
||||
|
||||
From 61fcf534c3da767788e27641f3ebfe4d6a6c0b25 Mon Sep 17 00:00:00 2001
|
||||
From: Alexander Bokovoy <abokovoy@redhat.com>
|
||||
Date: Mon, 9 Oct 2023 13:53:28 +0300
|
||||
Subject: [PATCH 2/2] Add more ignores to modrdn and modify cases
|
||||
|
||||
BZ 2124214 - schema compat plugin deadlock on delete post op
|
||||
|
||||
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
|
||||
---
|
||||
src/back-shr.c | 18 ++++++++++++++++++
|
||||
1 file changed, 18 insertions(+)
|
||||
|
||||
diff --git a/src/back-shr.c b/src/back-shr.c
|
||||
index 1792bef..4cbc39b 100644
|
||||
--- a/src/back-shr.c
|
||||
+++ b/src/back-shr.c
|
||||
@@ -2463,6 +2463,15 @@ backend_shr_modify_cb(Slapi_PBlock *pb)
|
||||
/* No data yet, ignore */
|
||||
return 0;
|
||||
}
|
||||
+
|
||||
+ if (backend_shr_write_ignore(pb)) {
|
||||
+#if DEBUG_MAP_LOCK
|
||||
+ slapi_log_error(SLAPI_LOG_FATAL, "schema-compat",
|
||||
+ "backend_shr_modify_cb: (%p) operation is not impacting schema compat\n", PR_MyThreadId(), 1);
|
||||
+#endif
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
slapi_pblock_get(pb, SLAPI_MODIFY_TARGET, &dn);
|
||||
slapi_pblock_get(pb, SLAPI_MODIFY_MODS, &cbdata.mods);
|
||||
slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &cbdata.e_pre);
|
||||
@@ -2669,6 +2678,15 @@ backend_shr_modrdn_cb(Slapi_PBlock *pb)
|
||||
/* No data yet, ignore */
|
||||
return 0;
|
||||
}
|
||||
+
|
||||
+ if (backend_shr_write_ignore(pb)) {
|
||||
+#if DEBUG_MAP_LOCK
|
||||
+ slapi_log_error(SLAPI_LOG_FATAL, "schema-compat",
|
||||
+ "backend_shr_modrdn_cb: (%p) operation is not impacting schema compat\n", PR_MyThreadId(), 1);
|
||||
+#endif
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
slapi_pblock_get(pb, SLAPI_ENTRY_PRE_OP, &cbdata.e_pre);
|
||||
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &cbdata.e_post);
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
|
@ -11,16 +11,16 @@
|
|||
|
||||
Name: slapi-nis
|
||||
Version: 0.60.0
|
||||
Release: 5%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: NIS Server and Schema Compatibility plugins for Directory Server
|
||||
Group: System Environment/Daemons
|
||||
License: GPLv3
|
||||
URL: http://pagure.io/slapi-nis/
|
||||
Source0: https://releases.pagure.org/slapi-nis/slapi-nis-%{version}.tar.gz
|
||||
Source1: https://releases.pagure.org/slapi-nis/slapi-nis-%{version}.tar.gz.asc
|
||||
Patch0: slapi-nis-bz2183950.patch
|
||||
Patch1: slapi-nis-RHEL-5134.patch
|
||||
Patch0: slapi-nis-bz2183469.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: make
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
BuildRequires: libtool
|
||||
|
@ -38,7 +38,7 @@ BuildRequires: libtirpc-devel
|
|||
%else
|
||||
BuildRequires: libnsl2-devel
|
||||
%endif
|
||||
%if 0%{?fedora} > 27 || 0%{?rhel} >= 9
|
||||
%if 0%{?fedora} > 27 || 0%{?rhel} > 7
|
||||
ExcludeArch: %{ix86}
|
||||
%endif
|
||||
Requires: 389-ds-base >= 1.3.5.6
|
||||
|
@ -59,7 +59,6 @@ for attributes from multiple entries in the tree.
|
|||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
|
||||
%build
|
||||
autoconf --force
|
||||
|
@ -81,97 +80,74 @@ make check
|
|||
%endif
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
%doc COPYING NEWS README STATUS doc/*.txt doc/examples/*.ldif doc/ipa
|
||||
%{_mandir}/man1/*
|
||||
%{_libdir}/dirsrv/plugins/*.so
|
||||
%{_sbindir}/nisserver-plugin-defs
|
||||
|
||||
%changelog
|
||||
* Tue Oct 10 2023 Alexander Bokovoy <abokovoy@redhat.com> - 0.60.0-5
|
||||
- Ignore updates from non-tracked subtrees during modify/modrdn/update
|
||||
to avoid deadlocks with retro changelog
|
||||
- Resolves: RHEL-11983
|
||||
|
||||
* Mon Apr 24 2023 Alexander Bokovoy <abokovoy@redhat.com> - 0.60.0-4
|
||||
* Mon Apr 24 2023 Alexander Bokovoy <abokovoy@redhat.com> - 0.60.0-3
|
||||
- Also handle base searches within the compat tree
|
||||
- Related: rhbz#2183950
|
||||
- Related: rhbz#2183469
|
||||
|
||||
* Wed Apr 12 2023 Alexander Bokovoy <abokovoy@redhat.com> - 0.60.0-3
|
||||
* Wed Apr 12 2023 Alexander Bokovoy <abokovoy@redhat.com> - 0.60.0-2
|
||||
- Fix base DN searches outside the compat tree
|
||||
- Resolves: rhbz#2183950
|
||||
|
||||
* Sun Aug 21 2022 Alexander Bokovoy <abokovoy@redhat.com> - 0.60.0-2
|
||||
- Rebuild to fix changelog
|
||||
- Related: rhbz#2117299
|
||||
- Resolves: rhbz#2183469
|
||||
|
||||
* Sat Aug 20 2022 Alexander Bokovoy <abokovoy@redhat.com> - 0.60.0-1
|
||||
- upstream release 0.60.0
|
||||
- Change license from GPLv2 to GPLv3+ to follow 389-ds licensing
|
||||
- Fix ID views integration
|
||||
- Resolves: rhbz#1984010
|
||||
Fix ID views integration
|
||||
- Fix base scope lookups
|
||||
- Bump NIS max dgram size to 8KB by default instead of 1KB
|
||||
- Resolves: rhbz#2117299
|
||||
- Resolves: rhbz#1784172
|
||||
Bump NIS max dgram size to 8KB by default instead of 1KB
|
||||
- Resolves: rhbz#2070575
|
||||
Allow to rebuild the compat tree
|
||||
|
||||
* Fri Jan 21 2022 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.7-4
|
||||
- Rebuild against libnsl 2.0.0
|
||||
- Related: rhbz#2039220
|
||||
* Mon Sep 13 2021 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.6-4
|
||||
- Resolves: rhbz#2000919 - memory leak in backend_search_cb
|
||||
|
||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 0.56.7-3
|
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||
Related: rhbz#1991688
|
||||
* Thu Jul 01 2021 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.6-3
|
||||
- Resolves: rhbz#1958909 - fix regression for scoped searches in compat tree
|
||||
- Resolves: rhbz#1978189 - better handle error response from libsss_nss_idmap
|
||||
|
||||
* Wed Jul 07 2021 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.7-2
|
||||
- Resolves: rhbz#1979619
|
||||
IPA: High CPU utilization (over 1000% plus) by ns-slapd process
|
||||
- Resolves: rhbz#1979623
|
||||
With base object scope, ldapsearch against compat tree does not return any data on Rhel8 IPA servers.
|
||||
|
||||
* Wed May 19 2021 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.7-1
|
||||
- CVE-2021-3480: invalid bind DN crash
|
||||
- New upstream release
|
||||
- Resolves: rhbz#1947351
|
||||
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.56.6-3
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.56.6-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||
* Wed Apr 07 2021 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.6-2
|
||||
- CVE 2021-3480: idm:DL1/slapi-nis: NULL dereference (DoS) with specially crafted Binding DN
|
||||
- Resolves: rhbz#1944713
|
||||
|
||||
* Fri Dec 04 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.6-1
|
||||
- New upstream release
|
||||
- Ignore searches which don't match any configured map
|
||||
- Upstream release 0.56.6
|
||||
- Resolves rhbz#1891741
|
||||
|
||||
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.56.5-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
* Mon Sep 14 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.5-4
|
||||
- Ignore unmatched searches
|
||||
- Resolves: rhbz#1874015
|
||||
|
||||
* Thu Sep 10 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.5-3
|
||||
- Fix memory leaks in ID views processing
|
||||
- Resolves: rhbz#1875348
|
||||
|
||||
* Wed May 06 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.5-2
|
||||
- Initialize map locks in NIS plugin to prevent crash
|
||||
- Initialize map lock in NIS plugin
|
||||
- Resolves: rhbz#1832331
|
||||
|
||||
* Mon May 04 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.5-1
|
||||
- New upstream release
|
||||
- Upstream release 0.56.5
|
||||
- Resolves: rhbz#1751295: (2) When sync-repl is enabled, slapi-nis can deadlock during retrochanglog trimming
|
||||
- Resolves: rhbz#1768156: ERR - schemacompat - map rdlock: old way MAP_MONITOR_DISABLED
|
||||
|
||||
* Fri Feb 07 2020 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.4-1
|
||||
* Fri Aug 16 2019 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.3-2
|
||||
- Resolves rhbz#1741881
|
||||
ns-slapd is crashing intermittently
|
||||
|
||||
* Wed Jun 05 2019 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.3-1
|
||||
- New upstream release
|
||||
- Fix build with newer gcc versions
|
||||
- Resolves rhbz#1800097
|
||||
- Resolves rhbz#1684563
|
||||
|
||||
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.56.3-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||
|
||||
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.56.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
* Thu Jun 06 2019 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.3-1
|
||||
- New upstream release
|
||||
|
||||
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.56.2-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||
|
||||
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.56.2-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
* Mon Jul 23 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.2-7
|
||||
- 389-ds is not available on i686 architecture, don't build there
|
||||
|
||||
* Wed May 02 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.56.2-6
|
||||
- Force rebuild of configure
|
||||
|
|
Loading…
Reference in New Issue