sssd/0011-intg-flush-the-SSSD-caches-to-sync-with-files.patch

45 lines
1.8 KiB
Diff
Raw Normal View History

Backport a bunch of upstream fixes - Resolves: upstream#3821 - crash related to sbus_router_destructor() - Resolves: upstream#3810 - sbus2: fix memory leak in sbus_message_bound_ref - Resolves: upstream#3819 - sssd only sets the SELinux login context if it differs from the default - Resolves: upstream#3807 - The sbus codegen script relies on "python" which might not be available on all distributions - Resolves: upstream#3820 - sudo: search with lower cased name for case insensitive domains - Resolves: upstream#3701 - [RFE] Allow changing default behavior of SSSD from an allow-any default to a deny-any default when it can't find any GPOs to apply to a user login. - Resolves: upstream#3828 - Invalid domain provider causes SSSD to abort startup - Resolves: upstream#3500 - Make sure sssd is a replacement for pam_pkcs11 also for local account authentication - Resolves: upstream#3812 - sssd 2.0.0 segfaults on startup - Resolves: upstream#3826 - Remove references of sss_user/group/add/del commands in man pages since local provider is deprecated - Resolves: upstream#3827 - SSSD should log to syslog if a domain is not started due to a misconfiguration - Resolves: upstream#3830 - Printing incorrect information about domain with sssctl utility - Resolves: upstream#3489 - p11_child should work wit openssl1.0+ - Resolves: upstream#3750 - [RFE] man 5 sssd-files should mention necessary changes in nsswitch.conf - Resovles: upstream#3650 - RFE: Require smartcard authentication - Resolves: upstream#3334 - sssctl config-check does not check any special characters in domain name of domain section - Resolves: upstream#3849 - Files: The files provider always enumerates which causes duplicate when running getent passwd - Related: upstream#3855 - session not recording for local user when groups defined - Resolves: upstream#3802 - Reuse sysdb_error_to_errno() outside sysdb - Related: upstream#3493 - Remove the pysss.local interface
2018-10-24 08:34:15 +00:00
From 1e2398870e8aa512ead3012d46cbe6252429467a Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Mon, 10 Sep 2018 15:35:45 +0200
Subject: [PATCH 16/83] intg: flush the SSSD caches to sync with files
To make sure that SSSD has synced with the latest data added to the
passwd file sss_cache is called in two places where the current sync
scheme was not reliable. This was mainly observed when running the
integration tests on Debian.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/tests/intg/test_files_provider.py | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
index 9f30d2b..ead1cc4 100644
--- a/src/tests/intg/test_files_provider.py
+++ b/src/tests/intg/test_files_provider.py
@@ -644,6 +644,10 @@ def test_enum_users(setup_pw_with_canary, files_domain_only):
user = user_generator(i)
setup_pw_with_canary.useradd(**user)
+ # syncing with the help of the canary is not reliable after adding
+ # multiple users because the canary might still be in some caches so that
+ # the data is not refreshed properly.
+ subprocess.call(["sss_cache", "-E"])
sssd_getpwnam_sync(CANARY["name"])
user_list = call_sssd_enumeration()
# +1 because the canary is added
@@ -1043,6 +1047,10 @@ def test_getgrnam_add_remove_ghosts(setup_pw_with_canary,
# Add this user and verify it's been added as a member
pwd_ops.useradd(**USER2)
+ # The negative cache might still have user2 from the previous request,
+ # flushing the caches might help to prevent a failed lookup after adding
+ # the user.
+ subprocess.call(["sss_cache", "-E"])
res, groups = sssd_id_sync('user2')
assert res == sssd_id.NssReturnCode.SUCCESS
assert len(groups) == 2
--
2.9.5