diff --git a/0001-sbus-use-120-second-default-timeout.patch b/0001-sbus-use-120-second-default-timeout.patch new file mode 100644 index 0000000..a4dbfdd --- /dev/null +++ b/0001-sbus-use-120-second-default-timeout.patch @@ -0,0 +1,42 @@ +From 04c1909a0c1c13eee10141f08eff2048decc2e49 Mon Sep 17 00:00:00 2001 +From: Adam Williamson +Date: Wed, 12 Dec 2018 22:28:15 -0800 +Subject: [PATCH] sbus: use 120 second default timeout + +As discussed in #1654537, first login to a system as a FreeIPA +domain user now usually causes an expensive SELinux operation +to happen; this can take longer than the default bus message +timeout of 25 seconds. To deal with this for now, let's use a +120 second default timeout; this is a big hammer, but unless we +can refactor things to use a longer timeout just for that one +call, or make the actual operation take less time, there's not +much else we can do. + +Resolves: +https://bugzilla.redhat.com/show_bug.cgi?id=1654537 + +Signed-off-by: Adam Williamson +--- + src/sbus/sbus_message.h | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/sbus/sbus_message.h b/src/sbus/sbus_message.h +index e7b8fe594..7ae634ece 100644 +--- a/src/sbus/sbus_message.h ++++ b/src/sbus/sbus_message.h +@@ -27,8 +27,10 @@ + #include "util/util.h" + #include "sbus/sbus_errors.h" + +-/* Use reasonable default timeout which is computed in libdbus */ +-#define SBUS_MESSAGE_TIMEOUT -1 ++/* Use longer default timeout than libdbus default due to expensive ++ * selinux operation: see https://bugzilla.redhat.com/show_bug.cgi?id=1654537 ++ */ ++#define SBUS_MESSAGE_TIMEOUT 120000 + + /** + * Bound message with a talloc context. +-- +2.20.0 + diff --git a/sssd.spec b/sssd.spec index c289759..99fe73d 100644 --- a/sssd.spec +++ b/sssd.spec @@ -36,7 +36,7 @@ Name: sssd Version: 2.0.0 -Release: 5%{?dist} +Release: 6%{?dist} Group: Applications/System Summary: System Security Services Daemon License: GPLv3+ @@ -117,6 +117,10 @@ Patch0069: 0069-PYSSS-Re-add-the-pysss.getgrouplist-interface.patch ### Downstream only patches ### Patch0502: 0502-SYSTEMD-Use-capabilities.patch +# https://github.com/SSSD/sssd/pull/715 +# https://bugzilla.redhat.com/show_bug.cgi?id=1654537 +Patch1000: 0001-sbus-use-120-second-default-timeout.patch + ### Dependencies ### Requires: sssd-common = %{version}-%{release} @@ -1194,6 +1198,9 @@ fi %{_libdir}/%{name}/modules/libwbclient.so %changelog +* Wed Dec 12 2018 Adam Williamson - 2.0.0-6 +- Resolves: rhbz#1654537 - sbus: use 120 second default timeout + * Wed Nov 07 2018 Michal Židek - 2.0.0-5 - Resolves: rhbz#1629737 - sssd: Remove python2 (sub)packages from Fedora 30+