Resolves: rhbz#2106660 - [regression] sssd goes offline with forced ldaps configuration
Resolves: rhbz#2109451 - virsh command will hang after the host run several auto test cases Resolves: rhbz#2098654 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL Resolves: rhbz#2106685 - [regression] sssctl analyze fails to parse PAM related sssd logs
This commit is contained in:
parent
1b653c21ec
commit
0bcf677ee4
51
0001-Makefile-remove-unneeded-dependency.patch
Normal file
51
0001-Makefile-remove-unneeded-dependency.patch
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
From 4e9e83210601043abab6098f2bda67ae6704fe3e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Alexey Tikhonov <atikhono@redhat.com>
|
||||||
|
Date: Thu, 21 Jul 2022 20:16:32 +0200
|
||||||
|
Subject: [PATCH] Makefile: remove unneeded dependency
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
|
||||||
|
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
||||||
|
(cherry picked from commit c6226c2986ffae9ed17562eb40407367ca37d23f)
|
||||||
|
---
|
||||||
|
Makefile.am | 4 ----
|
||||||
|
1 file changed, 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/Makefile.am b/Makefile.am
|
||||||
|
index 669a0fc56..92d046888 100644
|
||||||
|
--- a/Makefile.am
|
||||||
|
+++ b/Makefile.am
|
||||||
|
@@ -1766,12 +1766,10 @@ sssd_kcm_CFLAGS = \
|
||||||
|
$(KRB5_CFLAGS) \
|
||||||
|
$(UUID_CFLAGS) \
|
||||||
|
$(CURL_CFLAGS) \
|
||||||
|
- $(JANSSON_CFLAGS) \
|
||||||
|
$(NULL)
|
||||||
|
sssd_kcm_LDADD = \
|
||||||
|
$(LIBADD_DL) \
|
||||||
|
$(KRB5_LIBS) \
|
||||||
|
- $(JANSSON_LIBS) \
|
||||||
|
$(SSSD_LIBS) \
|
||||||
|
$(UUID_LIBS) \
|
||||||
|
$(SYSTEMD_DAEMON_LIBS) \
|
||||||
|
@@ -3792,7 +3790,6 @@ test_kcm_marshalling_CFLAGS = \
|
||||||
|
$(UUID_CFLAGS) \
|
||||||
|
$(NULL)
|
||||||
|
test_kcm_marshalling_LDADD = \
|
||||||
|
- $(JANSSON_LIBS) \
|
||||||
|
$(UUID_LIBS) \
|
||||||
|
$(KRB5_LIBS) \
|
||||||
|
$(CMOCKA_LIBS) \
|
||||||
|
@@ -3855,7 +3852,6 @@ test_kcm_renewals_LDFLAGS = \
|
||||||
|
test_kcm_renewals_LDADD = \
|
||||||
|
$(LIBADD_DL) \
|
||||||
|
$(UUID_LIBS) \
|
||||||
|
- $(JANSSON_LIBS) \
|
||||||
|
$(KRB5_LIBS) \
|
||||||
|
$(CARES_LIBS) \
|
||||||
|
$(CMOCKA_LIBS) \
|
||||||
|
--
|
||||||
|
2.37.1
|
||||||
|
|
155
0002-CLIENT-MC-store-context-mutex-outside-of-context-as-.patch
Normal file
155
0002-CLIENT-MC-store-context-mutex-outside-of-context-as-.patch
Normal file
@ -0,0 +1,155 @@
|
|||||||
|
From 03142f8de42faf4f75465d24d3be9a49c2dd86f7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Alexey Tikhonov <atikhono@redhat.com>
|
||||||
|
Date: Fri, 29 Jul 2022 14:57:20 +0200
|
||||||
|
Subject: [PATCH] CLIENT:MC: store context mutex outside of context as it
|
||||||
|
should survive context destruction / re-initialization
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
||||||
|
(cherry picked from commit 0f3a761ed9d654a61f8caed8eae3863c518b9911)
|
||||||
|
---
|
||||||
|
src/sss_client/nss_mc.h | 4 ++--
|
||||||
|
src/sss_client/nss_mc_common.c | 10 ++++++++--
|
||||||
|
src/sss_client/nss_mc_group.c | 5 +++++
|
||||||
|
src/sss_client/nss_mc_initgr.c | 5 +++++
|
||||||
|
src/sss_client/nss_mc_passwd.c | 5 +++++
|
||||||
|
src/sss_client/nss_mc_sid.c | 5 +++++
|
||||||
|
6 files changed, 30 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/sss_client/nss_mc.h b/src/sss_client/nss_mc.h
|
||||||
|
index b66e8f09f..de1496ccc 100644
|
||||||
|
--- a/src/sss_client/nss_mc.h
|
||||||
|
+++ b/src/sss_client/nss_mc.h
|
||||||
|
@@ -48,7 +48,7 @@ enum sss_mc_state {
|
||||||
|
struct sss_cli_mc_ctx {
|
||||||
|
enum sss_mc_state initialized;
|
||||||
|
#if HAVE_PTHREAD
|
||||||
|
- pthread_mutex_t mutex;
|
||||||
|
+ pthread_mutex_t *mutex;
|
||||||
|
#endif
|
||||||
|
int fd;
|
||||||
|
|
||||||
|
@@ -67,7 +67,7 @@ struct sss_cli_mc_ctx {
|
||||||
|
};
|
||||||
|
|
||||||
|
#if HAVE_PTHREAD
|
||||||
|
-#define SSS_CLI_MC_CTX_INITIALIZER {UNINITIALIZED, PTHREAD_MUTEX_INITIALIZER, 1, 0, NULL, 0, NULL, 0, NULL, 0, 0}
|
||||||
|
+#define SSS_CLI_MC_CTX_INITIALIZER(mtx) {UNINITIALIZED, (mtx), 1, 0, NULL, 0, NULL, 0, NULL, 0, 0}
|
||||||
|
#else
|
||||||
|
#define SSS_CLI_MC_CTX_INITIALIZER {UNINITIALIZED, 1, 0, NULL, 0, NULL, 0, NULL, 0, 0}
|
||||||
|
#endif
|
||||||
|
diff --git a/src/sss_client/nss_mc_common.c b/src/sss_client/nss_mc_common.c
|
||||||
|
index c73a93a9a..f38a4a85a 100644
|
||||||
|
--- a/src/sss_client/nss_mc_common.c
|
||||||
|
+++ b/src/sss_client/nss_mc_common.c
|
||||||
|
@@ -58,14 +58,14 @@ do { \
|
||||||
|
static void sss_mt_lock(struct sss_cli_mc_ctx *ctx)
|
||||||
|
{
|
||||||
|
#if HAVE_PTHREAD
|
||||||
|
- pthread_mutex_lock(&ctx->mutex);
|
||||||
|
+ pthread_mutex_lock(ctx->mutex);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
static void sss_mt_unlock(struct sss_cli_mc_ctx *ctx)
|
||||||
|
{
|
||||||
|
#if HAVE_PTHREAD
|
||||||
|
- pthread_mutex_unlock(&ctx->mutex);
|
||||||
|
+ pthread_mutex_unlock(ctx->mutex);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -131,6 +131,9 @@ errno_t sss_nss_check_header(struct sss_cli_mc_ctx *ctx)
|
||||||
|
static void sss_nss_mc_destroy_ctx(struct sss_cli_mc_ctx *ctx)
|
||||||
|
{
|
||||||
|
uint32_t active_threads = ctx->active_threads;
|
||||||
|
+#if HAVE_PTHREAD
|
||||||
|
+ pthread_mutex_t *mutex = ctx->mutex;
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
if ((ctx->mmap_base != NULL) && (ctx->mmap_size != 0)) {
|
||||||
|
munmap(ctx->mmap_base, ctx->mmap_size);
|
||||||
|
@@ -143,6 +146,9 @@ static void sss_nss_mc_destroy_ctx(struct sss_cli_mc_ctx *ctx)
|
||||||
|
|
||||||
|
/* restore count of active threads */
|
||||||
|
ctx->active_threads = active_threads;
|
||||||
|
+#if HAVE_PTHREAD
|
||||||
|
+ ctx->mutex = mutex;
|
||||||
|
+#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
static errno_t sss_nss_mc_init_ctx(const char *name,
|
||||||
|
diff --git a/src/sss_client/nss_mc_group.c b/src/sss_client/nss_mc_group.c
|
||||||
|
index 2ea40c435..d4f2a82ab 100644
|
||||||
|
--- a/src/sss_client/nss_mc_group.c
|
||||||
|
+++ b/src/sss_client/nss_mc_group.c
|
||||||
|
@@ -29,7 +29,12 @@
|
||||||
|
#include "nss_mc.h"
|
||||||
|
#include "shared/safealign.h"
|
||||||
|
|
||||||
|
+#if HAVE_PTHREAD
|
||||||
|
+static pthread_mutex_t gr_mc_ctx_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||||
|
+static struct sss_cli_mc_ctx gr_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER(&gr_mc_ctx_mutex);
|
||||||
|
+#else
|
||||||
|
static struct sss_cli_mc_ctx gr_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER;
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
static errno_t sss_nss_mc_parse_result(struct sss_mc_rec *rec,
|
||||||
|
struct group *result,
|
||||||
|
diff --git a/src/sss_client/nss_mc_initgr.c b/src/sss_client/nss_mc_initgr.c
|
||||||
|
index b05946263..bd7282935 100644
|
||||||
|
--- a/src/sss_client/nss_mc_initgr.c
|
||||||
|
+++ b/src/sss_client/nss_mc_initgr.c
|
||||||
|
@@ -32,7 +32,12 @@
|
||||||
|
#include "nss_mc.h"
|
||||||
|
#include "shared/safealign.h"
|
||||||
|
|
||||||
|
+#if HAVE_PTHREAD
|
||||||
|
+static pthread_mutex_t initgr_mc_ctx_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||||
|
+static struct sss_cli_mc_ctx initgr_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER(&initgr_mc_ctx_mutex);
|
||||||
|
+#else
|
||||||
|
static struct sss_cli_mc_ctx initgr_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER;
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
static errno_t sss_nss_mc_parse_result(struct sss_mc_rec *rec,
|
||||||
|
long int *start, long int *size,
|
||||||
|
diff --git a/src/sss_client/nss_mc_passwd.c b/src/sss_client/nss_mc_passwd.c
|
||||||
|
index 01c6801da..256d48444 100644
|
||||||
|
--- a/src/sss_client/nss_mc_passwd.c
|
||||||
|
+++ b/src/sss_client/nss_mc_passwd.c
|
||||||
|
@@ -28,7 +28,12 @@
|
||||||
|
#include <time.h>
|
||||||
|
#include "nss_mc.h"
|
||||||
|
|
||||||
|
+#if HAVE_PTHREAD
|
||||||
|
+static pthread_mutex_t pw_mc_ctx_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||||
|
+static struct sss_cli_mc_ctx pw_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER(&pw_mc_ctx_mutex);
|
||||||
|
+#else
|
||||||
|
static struct sss_cli_mc_ctx pw_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER;
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
static errno_t sss_nss_mc_parse_result(struct sss_mc_rec *rec,
|
||||||
|
struct passwd *result,
|
||||||
|
diff --git a/src/sss_client/nss_mc_sid.c b/src/sss_client/nss_mc_sid.c
|
||||||
|
index af7d7bbd5..52e684da5 100644
|
||||||
|
--- a/src/sss_client/nss_mc_sid.c
|
||||||
|
+++ b/src/sss_client/nss_mc_sid.c
|
||||||
|
@@ -30,7 +30,12 @@
|
||||||
|
#include "util/mmap_cache.h"
|
||||||
|
#include "idmap/sss_nss_idmap.h"
|
||||||
|
|
||||||
|
+#if HAVE_PTHREAD
|
||||||
|
+static pthread_mutex_t sid_mc_ctx_mutex = PTHREAD_MUTEX_INITIALIZER;
|
||||||
|
+static struct sss_cli_mc_ctx sid_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER(&sid_mc_ctx_mutex);
|
||||||
|
+#else
|
||||||
|
static struct sss_cli_mc_ctx sid_mc_ctx = SSS_CLI_MC_CTX_INITIALIZER;
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
static errno_t mc_get_sid_by_typed_id(uint32_t id, enum sss_id_type object_type,
|
||||||
|
char **sid, uint32_t *type,
|
||||||
|
--
|
||||||
|
2.37.1
|
||||||
|
|
36
0003-CACHE_REQ-Fix-hybrid-lookup-log-spamming.patch
Normal file
36
0003-CACHE_REQ-Fix-hybrid-lookup-log-spamming.patch
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
From 49eb871847a94311bbd2190a315230e4bae1ea2c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Justin Stephenson <jstephen@redhat.com>
|
||||||
|
Date: Mon, 1 Aug 2022 09:54:51 -0400
|
||||||
|
Subject: [PATCH] CACHE_REQ: Fix hybrid lookup log spamming
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Skip calling cache_req_data_set_hybrid_lookup() when hybrid data
|
||||||
|
is NULL for certain NSS request types (e.g. Service by Name).
|
||||||
|
|
||||||
|
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
|
||||||
|
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
||||||
|
(cherry picked from commit 96a1dce8096d45e986ab01aaac11d8c77c36d1d7)
|
||||||
|
---
|
||||||
|
src/responder/nss/nss_get_object.c | 4 +++-
|
||||||
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/responder/nss/nss_get_object.c b/src/responder/nss/nss_get_object.c
|
||||||
|
index 9762d6bfe..5a2e7e9bd 100644
|
||||||
|
--- a/src/responder/nss/nss_get_object.c
|
||||||
|
+++ b/src/responder/nss/nss_get_object.c
|
||||||
|
@@ -171,7 +171,9 @@ hybrid_domain_retry_data(TALLOC_CTX *mem_ctx,
|
||||||
|
input_name);
|
||||||
|
}
|
||||||
|
|
||||||
|
- cache_req_data_set_hybrid_lookup(hybrid_data, true);
|
||||||
|
+ if (hybrid_data != NULL) {
|
||||||
|
+ cache_req_data_set_hybrid_lookup(hybrid_data, true);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
return hybrid_data;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.37.1
|
||||||
|
|
30
0004-Analyzer-Fix-escaping-raw-fstring.patch
Normal file
30
0004-Analyzer-Fix-escaping-raw-fstring.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
From f90205831c44cc2849c7221e5117b6af808411c3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Justin Stephenson <jstephen@redhat.com>
|
||||||
|
Date: Thu, 14 Jul 2022 11:21:04 -0400
|
||||||
|
Subject: [PATCH] Analyzer: Fix escaping raw fstring
|
||||||
|
|
||||||
|
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
|
||||||
|
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
(cherry picked from commit 3d8622031b5240e215201aae1f9c9d05624cca19)
|
||||||
|
---
|
||||||
|
src/tools/analyzer/modules/request.py | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/tools/analyzer/modules/request.py b/src/tools/analyzer/modules/request.py
|
||||||
|
index b8dd9b25c..935e13adc 100644
|
||||||
|
--- a/src/tools/analyzer/modules/request.py
|
||||||
|
+++ b/src/tools/analyzer/modules/request.py
|
||||||
|
@@ -243,8 +243,8 @@ class RequestAnalyzer:
|
||||||
|
be_results = False
|
||||||
|
component = source.Component.NSS
|
||||||
|
resp = "nss"
|
||||||
|
- pattern = [rf'REQ_TRACE.*\[CID #{cid}\\]']
|
||||||
|
- pattern.append(rf"\[CID#{cid}\\]")
|
||||||
|
+ pattern = [rf'REQ_TRACE.*\[CID #{cid}\]']
|
||||||
|
+ pattern.append(rf"\[CID#{cid}\]")
|
||||||
|
|
||||||
|
if args.pam:
|
||||||
|
component = source.Component.PAM
|
||||||
|
--
|
||||||
|
2.37.1
|
||||||
|
|
13
sssd.spec
13
sssd.spec
@ -27,14 +27,17 @@
|
|||||||
|
|
||||||
Name: sssd
|
Name: sssd
|
||||||
Version: 2.7.3
|
Version: 2.7.3
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
Summary: System Security Services Daemon
|
Summary: System Security Services Daemon
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
URL: https://github.com/SSSD/sssd/
|
URL: https://github.com/SSSD/sssd/
|
||||||
Source0: https://github.com/SSSD/sssd/releases/download/%{version}/sssd-%{version}.tar.gz
|
Source0: https://github.com/SSSD/sssd/releases/download/%{version}/sssd-%{version}.tar.gz
|
||||||
|
|
||||||
### Patches ###
|
### Patches ###
|
||||||
#Patch0001:
|
Patch0001: 0001-Makefile-remove-unneeded-dependency.patch
|
||||||
|
Patch0002: 0002-CLIENT-MC-store-context-mutex-outside-of-context-as-.patch
|
||||||
|
Patch0003: 0003-CACHE_REQ-Fix-hybrid-lookup-log-spamming.patch
|
||||||
|
Patch0004: 0004-Analyzer-Fix-escaping-raw-fstring.patch
|
||||||
|
|
||||||
### Dependencies ###
|
### Dependencies ###
|
||||||
|
|
||||||
@ -1059,6 +1062,12 @@ fi
|
|||||||
%systemd_postun_with_restart sssd.service
|
%systemd_postun_with_restart sssd.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Aug 8 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-2
|
||||||
|
- Resolves: rhbz#2106660 - [regression] sssd goes offline with forced ldaps configuration
|
||||||
|
- Resolves: rhbz#2109451 - virsh command will hang after the host run several auto test cases
|
||||||
|
- Resolves: rhbz#2098654 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL
|
||||||
|
- Resolves: rhbz#2106685 - [regression] sssctl analyze fails to parse PAM related sssd logs
|
||||||
|
|
||||||
* Tue Jul 5 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-1
|
* Tue Jul 5 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-1
|
||||||
- Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
|
- Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
|
||||||
- Resolves: rhbz#1936551 - [Improvement] Provide user feedback when login fails due to blocked PIN
|
- Resolves: rhbz#1936551 - [Improvement] Provide user feedback when login fails due to blocked PIN
|
||||||
|
Loading…
Reference in New Issue
Block a user