From 7ac8b3c4b53cbf15f959e90fa033a2c0386812ca Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@fedoraproject.org>
Date: Fri, 3 Nov 2017 16:13:22 +0100
Subject: [PATCH] Resolves: upstream#3529 - sssd-kcm Fix restart during/after
 upgrade

---
 ...KCM-Fix-restart-during-after-upgrade.patch | 55 +++++++++++++++++++
 ...ing-idle-socket-activated-responders.patch | 39 +++++++++++++
 sssd.spec                                     |  7 ++-
 3 files changed, 100 insertions(+), 1 deletion(-)
 create mode 100644 0001-KCM-Fix-restart-during-after-upgrade.patch
 create mode 100644 0503-Disable-stopping-idle-socket-activated-responders.patch

diff --git a/0001-KCM-Fix-restart-during-after-upgrade.patch b/0001-KCM-Fix-restart-during-after-upgrade.patch
new file mode 100644
index 0000000..f37fc5a
--- /dev/null
+++ b/0001-KCM-Fix-restart-during-after-upgrade.patch
@@ -0,0 +1,55 @@
+From 53d1459e9b87196b4f6e327f0f5db4d9229bf541 Mon Sep 17 00:00:00 2001
+From: Lukas Slebodnik <lslebodn@redhat.com>
+Date: Fri, 3 Nov 2017 11:43:18 +0100
+Subject: [PATCH] KCM: Fix restart during/after upgrade
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Oct 02 12:26:57 host systemd[1]: Closed SSSD Kerberos Cache Manager responder socket.
+Oct 02 12:26:57 host systemd[1]: Stopping SSSD Kerberos Cache Manager responder socket.
+Oct 02 12:26:57 host systemd[1]: sssd-kcm.socket: Socket service sssd-kcm.service already active, refusing.
+Oct 02 12:26:57 host systemd[1]: Failed to listen on SSSD Kerberos Cache Manager responder socket.
+Oct 02 12:26:57 host systemd[1]: Stopping SSSD Kerberos Cache Manager...
+Oct 02 12:26:57 host sssd[kcm][21492]: Shutting down
+Oct 02 12:26:57 host systemd[1]: Stopped SSSD Kerberos Cache Manager.
+
+Resolves:
+https://pagure.io/SSSD/sssd/issue/3529
+
+Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
+Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
+---
+ src/sysv/systemd/sssd-kcm.service.in     | 2 ++
+ src/sysv/systemd/sssd-secrets.service.in | 2 ++
+ 2 files changed, 4 insertions(+)
+
+diff --git a/src/sysv/systemd/sssd-kcm.service.in b/src/sysv/systemd/sssd-kcm.service.in
+index 92306f97ec73a775739bfdb4454df14956e5e133..8d689bfd7e7ea720c97b5df2571289fd777e1547 100644
+--- a/src/sysv/systemd/sssd-kcm.service.in
++++ b/src/sysv/systemd/sssd-kcm.service.in
+@@ -1,6 +1,8 @@
+ [Unit]
+ Description=SSSD Kerberos Cache Manager
+ Documentation=man:sssd-kcm(5)
++Requires=sssd-kcm.socket
++After=sssd-kcm.socket
+ 
+ [Install]
+ Also=sssd-kcm.socket
+diff --git a/src/sysv/systemd/sssd-secrets.service.in b/src/sysv/systemd/sssd-secrets.service.in
+index a7b41e0b16a5fa882546b41047e616fd2140329f..a9756acf8a3c71e861b443259c0713380ac005f3 100644
+--- a/src/sysv/systemd/sssd-secrets.service.in
++++ b/src/sysv/systemd/sssd-secrets.service.in
+@@ -1,6 +1,8 @@
+ [Unit]
+ Description=SSSD Secrets Service responder
+ Documentation=man:sssd-secrets(5)
++Requires=sssd-secrets.socket
++After=sssd-secrets.socket
+ 
+ [Install]
+ Also=sssd-secrets.socket
+-- 
+2.14.3
+
diff --git a/0503-Disable-stopping-idle-socket-activated-responders.patch b/0503-Disable-stopping-idle-socket-activated-responders.patch
new file mode 100644
index 0000000..58dc538
--- /dev/null
+++ b/0503-Disable-stopping-idle-socket-activated-responders.patch
@@ -0,0 +1,39 @@
+From 232305dd10b81955a3ee9dfc6d56c2d76ad5706f Mon Sep 17 00:00:00 2001
+From: Lukas Slebodnik <lslebodn@redhat.com>
+Date: Fri, 3 Nov 2017 16:18:14 +0100
+Subject: [PATCH] Disable stopping idle socket activated responders
+
+---
+ src/confdb/confdb.h     | 2 +-
+ src/man/sssd.conf.5.xml | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
+index 1471949623e9dd7a8536e3ac3048a10227a5d857..e30e77bf50b7312b3f660241c92a1b3c03e88259 100644
+--- a/src/confdb/confdb.h
++++ b/src/confdb/confdb.h
+@@ -85,7 +85,7 @@
+ /* Responders */
+ #define CONFDB_RESPONDER_GET_DOMAINS_TIMEOUT "get_domains_timeout"
+ #define CONFDB_RESPONDER_CLI_IDLE_TIMEOUT "client_idle_timeout"
+-#define CONFDB_RESPONDER_CLI_IDLE_DEFAULT_TIMEOUT 60
++#define CONFDB_RESPONDER_CLI_IDLE_DEFAULT_TIMEOUT 0
+ #define CONFDB_RESPONDER_LOCAL_NEG_TIMEOUT "local_negative_timeout"
+ #define CONFDB_RESPONDER_IDLE_TIMEOUT "responder_idle_timeout"
+ #define CONFDB_RESPONDER_IDLE_DEFAULT_TIMEOUT 300
+diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
+index 6be3cd47463ec054276a0b6b2be7ec03eef1f0be..d362ba71cfbeb6271fc87abd9743ca7a77f9f3ec 100644
+--- a/src/man/sssd.conf.5.xml
++++ b/src/man/sssd.conf.5.xml
+@@ -706,7 +706,7 @@
+                             or dbus activated.
+                         </para>
+                         <para>
+-                            Default: 300
++                            Default: 0
+                         </para>
+                     </listitem>
+                 </varlistentry>
+-- 
+2.14.3
+
diff --git a/sssd.spec b/sssd.spec
index ec028a2..350c083 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -29,7 +29,7 @@
 
 Name: sssd
 Version: 1.16.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
@@ -38,7 +38,9 @@ Source0: https://releases.pagure.org/SSSD/sssd/%{name}-%{version}.tar.gz
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 ### Patches ###
+Patch0001: 0001-KCM-Fix-restart-during-after-upgrade.patch
 Patch0502: 0502-SYSTEMD-Use-capabilities.patch
+Patch0503: 0503-Disable-stopping-idle-socket-activated-responders.patch
 Patch0600: 0600-tests-cmocka-Fix-unit-tests-with-libldb-1.3.0.patch
 
 ### Dependencies ###
@@ -1238,6 +1240,9 @@ fi
                                 %{_libdir}/%{name}/modules/libwbclient.so
 
 %changelog
+* Fri Nov 03 2017 Lukas Slebodnik <lslebodn@fedoraproject.org> - 1.16.0-2
+- Resolves: upstream#3529 - sssd-kcm Fix restart during/after upgrade
+
 * Fri Oct 20 2017 Lukas Slebodnik <lslebodn@fedoraproject.org> - 1.16.0-1
 - New upstream release 1.16.0
 - https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_0.html