import sssd-2.7.3-3.el8

This commit is contained in:
CentOS Sources 2022-08-26 16:16:22 +00:00 committed by Stepan Oksanichenko
parent 5e58104951
commit a5d9962757
6 changed files with 638 additions and 1 deletions

View File

@ -0,0 +1,34 @@
From 0eae0862069e4bbbdd87b809193fc873f3003cff Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Tue, 16 Aug 2022 21:48:43 +0200
Subject: [PATCH 5/6] CLIENT:MC: -1 is more appropriate initial value for fd
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 579cc0b266d5f8954bc71cfcd3fe68002d681a5f)
---
src/sss_client/nss_mc.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/sss_client/nss_mc.h b/src/sss_client/nss_mc.h
index de1496ccc..0f88521e9 100644
--- a/src/sss_client/nss_mc.h
+++ b/src/sss_client/nss_mc.h
@@ -67,9 +67,9 @@ struct sss_cli_mc_ctx {
};
#if HAVE_PTHREAD
-#define SSS_CLI_MC_CTX_INITIALIZER(mtx) {UNINITIALIZED, (mtx), 1, 0, NULL, 0, NULL, 0, NULL, 0, 0}
+#define SSS_CLI_MC_CTX_INITIALIZER(mtx) {UNINITIALIZED, (mtx), -1, 0, NULL, 0, NULL, 0, NULL, 0, 0}
#else
-#define SSS_CLI_MC_CTX_INITIALIZER {UNINITIALIZED, 1, 0, NULL, 0, NULL, 0, NULL, 0, 0}
+#define SSS_CLI_MC_CTX_INITIALIZER {UNINITIALIZED, -1, 0, NULL, 0, NULL, 0, NULL, 0, 0}
#endif
errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx);
--
2.37.1

View File

@ -0,0 +1,78 @@
From d386e94ef49d95d7305a3e6578e41a2cf61dfc5c Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Tue, 16 Aug 2022 21:51:03 +0200
Subject: [PATCH 6/6] CLIENT:MC: pointer to the context mutex shouldn't be
touched
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Even brief window inside `sss_nss_mc_destroy_ctx()` when `mutex == NULL`
was creating a possibility for a race.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 4ac93d9c5df59cdb7f397b4467f1c1c4822ff757)
---
src/sss_client/nss_mc.h | 4 +++-
src/sss_client/nss_mc_common.c | 20 ++++++++++----------
2 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/src/sss_client/nss_mc.h b/src/sss_client/nss_mc.h
index 0f88521e9..9ab2736fa 100644
--- a/src/sss_client/nss_mc.h
+++ b/src/sss_client/nss_mc.h
@@ -44,7 +44,9 @@ enum sss_mc_state {
RECYCLED,
};
-/* common stuff */
+/* In the case this structure is extended, don't forget to update
+ * `SSS_CLI_MC_CTX_INITIALIZER` and `sss_nss_mc_destroy_ctx()`.
+ */
struct sss_cli_mc_ctx {
enum sss_mc_state initialized;
#if HAVE_PTHREAD
diff --git a/src/sss_client/nss_mc_common.c b/src/sss_client/nss_mc_common.c
index f38a4a85a..3128861bf 100644
--- a/src/sss_client/nss_mc_common.c
+++ b/src/sss_client/nss_mc_common.c
@@ -130,25 +130,25 @@ errno_t sss_nss_check_header(struct sss_cli_mc_ctx *ctx)
static void sss_nss_mc_destroy_ctx(struct sss_cli_mc_ctx *ctx)
{
- uint32_t active_threads = ctx->active_threads;
-#if HAVE_PTHREAD
- pthread_mutex_t *mutex = ctx->mutex;
-#endif
if ((ctx->mmap_base != NULL) && (ctx->mmap_size != 0)) {
munmap(ctx->mmap_base, ctx->mmap_size);
}
+ ctx->mmap_base = NULL;
+ ctx->mmap_size = 0;
+
if (ctx->fd != -1) {
close(ctx->fd);
}
- memset(ctx, 0, sizeof(struct sss_cli_mc_ctx));
ctx->fd = -1;
- /* restore count of active threads */
- ctx->active_threads = active_threads;
-#if HAVE_PTHREAD
- ctx->mutex = mutex;
-#endif
+ ctx->seed = 0;
+ ctx->data_table = NULL;
+ ctx->dt_size = 0;
+ ctx->hash_table = NULL;
+ ctx->ht_size = 0;
+ ctx->initialized = UNINITIALIZED;
+ /* `mutex` and `active_threads` should be left intact */
}
static errno_t sss_nss_mc_init_ctx(const char *name,
--
2.37.1

View File

@ -0,0 +1,33 @@
From f8704cc24eafe190e6c78dc21535f6029d51d647 Mon Sep 17 00:00:00 2001
From: Justin Stephenson <jstephen@redhat.com>
Date: Mon, 15 Aug 2022 16:17:59 -0400
Subject: [PATCH] SSSCTL: Allow analyzer to work without SSSD setup
Fixes an issue when the sssctl analyzer option is
used on systems where SSSD is not running or configured. This is
an expected use case when using --logdir option to analyze external
log files.
Resolves: https://github.com/SSSD/sssd/issues/6298
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
---
src/tools/sssctl/sssctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/tools/sssctl/sssctl.c b/src/tools/sssctl/sssctl.c
index 3816125ad..f18689f9f 100644
--- a/src/tools/sssctl/sssctl.c
+++ b/src/tools/sssctl/sssctl.c
@@ -296,7 +296,7 @@ int main(int argc, const char **argv)
SSS_TOOL_COMMAND("logs-remove", "Remove existing SSSD log files", 0, sssctl_logs_remove),
SSS_TOOL_COMMAND("logs-fetch", "Archive SSSD log files in tarball", 0, sssctl_logs_fetch),
SSS_TOOL_COMMAND("debug-level", "Change SSSD debug level", 0, sssctl_debug_level),
- SSS_TOOL_COMMAND("analyze", "Analyze logged data", 0, sssctl_analyze),
+ SSS_TOOL_COMMAND_FLAGS("analyze", "Analyze logged data", 0, sssctl_analyze, SSS_TOOL_FLAG_SKIP_CMD_INIT),
#ifdef HAVE_LIBINI_CONFIG_V1_3
SSS_TOOL_DELIMITER("Configuration files tools:"),
SSS_TOOL_COMMAND_FLAGS("config-check", "Perform static analysis of SSSD configuration", 0, sssctl_config_check, SSS_TOOL_FLAG_SKIP_CMD_INIT),
--
2.37.1

View File

@ -0,0 +1,297 @@
From e6d450d4f67c3c639a6ab7e891adccc361d80ecd Mon Sep 17 00:00:00 2001
From: Justin Stephenson <jstephen@redhat.com>
Date: Fri, 19 Aug 2022 09:50:22 -0400
Subject: [PATCH 8/9] RESPONDER: Fix client ID tracking
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Client ID is not stored properly to match requests
when parallel requests are made to client SSSD
Resolves: https://github.com/SSSD/sssd/issues/6307
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
---
src/responder/common/cache_req/cache_req.c | 5 +++--
.../plugins/cache_req_autofs_entry_by_name.c | 3 ++-
.../cache_req/plugins/cache_req_autofs_map_by_name.c | 3 ++-
.../cache_req/plugins/cache_req_autofs_map_entries.c | 3 ++-
.../plugins/cache_req_ssh_host_id_by_name.c | 3 ++-
src/responder/common/responder.h | 2 +-
src/responder/common/responder_common.c | 12 +++++++-----
src/responder/common/responder_dp.c | 5 +++--
src/responder/common/responder_get_domains.c | 3 ++-
src/responder/pam/pamsrv_cmd.c | 4 ++--
10 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/src/responder/common/cache_req/cache_req.c b/src/responder/common/cache_req/cache_req.c
index 4dd45b038..bc65bae71 100644
--- a/src/responder/common/cache_req/cache_req.c
+++ b/src/responder/common/cache_req/cache_req.c
@@ -24,6 +24,7 @@
#include <errno.h>
#include "util/util.h"
+#include "util/sss_chain_id.h"
#include "responder/common/responder.h"
#include "responder/common/cache_req/cache_req_private.h"
#include "responder/common/cache_req/cache_req_plugin.h"
@@ -1124,8 +1125,8 @@ struct tevent_req *cache_req_send(TALLOC_CTX *mem_ctx,
}
state->first_iteration = true;
- SSS_REQ_TRACE_CID_CR(SSSDBG_TRACE_FUNC, cr, "New request [CID #%u] '%s'\n",
- rctx->client_id_num, cr->reqname);
+ SSS_REQ_TRACE_CID_CR(SSSDBG_TRACE_FUNC, cr, "New request [CID #%lu] '%s'\n",
+ sss_chain_id_get(), cr->reqname);
ret = cache_req_is_well_known_object(state, cr, &result);
if (ret == EOK) {
diff --git a/src/responder/common/cache_req/plugins/cache_req_autofs_entry_by_name.c b/src/responder/common/cache_req/plugins/cache_req_autofs_entry_by_name.c
index 788b6708c..b2b0a06eb 100644
--- a/src/responder/common/cache_req/plugins/cache_req_autofs_entry_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_autofs_entry_by_name.c
@@ -24,6 +24,7 @@
#include "db/sysdb.h"
#include "db/sysdb_autofs.h"
#include "util/util.h"
+#include "util/sss_chain_id.h"
#include "providers/data_provider.h"
#include "responder/common/cache_req/cache_req_plugin.h"
@@ -86,7 +87,7 @@ cache_req_autofs_entry_by_name_dp_send(TALLOC_CTX *mem_ctx,
be_conn->bus_name, SSS_BUS_PATH,
0, data->name.name,
data->autofs_entry_name,
- cr->rctx->client_id_num);
+ sss_chain_id_get());
}
bool
diff --git a/src/responder/common/cache_req/plugins/cache_req_autofs_map_by_name.c b/src/responder/common/cache_req/plugins/cache_req_autofs_map_by_name.c
index 5d82641cc..23b11b1cd 100644
--- a/src/responder/common/cache_req/plugins/cache_req_autofs_map_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_autofs_map_by_name.c
@@ -24,6 +24,7 @@
#include "db/sysdb.h"
#include "db/sysdb_autofs.h"
#include "util/util.h"
+#include "util/sss_chain_id.h"
#include "providers/data_provider.h"
#include "responder/common/cache_req/cache_req_plugin.h"
@@ -82,7 +83,7 @@ cache_req_autofs_map_by_name_dp_send(TALLOC_CTX *mem_ctx,
return sbus_call_dp_autofs_GetMap_send(mem_ctx, be_conn->conn,
be_conn->bus_name, SSS_BUS_PATH,
0, data->name.name,
- cr->rctx->client_id_num);
+ sss_chain_id_get());
}
bool
diff --git a/src/responder/common/cache_req/plugins/cache_req_autofs_map_entries.c b/src/responder/common/cache_req/plugins/cache_req_autofs_map_entries.c
index 29f289723..18c08ca39 100644
--- a/src/responder/common/cache_req/plugins/cache_req_autofs_map_entries.c
+++ b/src/responder/common/cache_req/plugins/cache_req_autofs_map_entries.c
@@ -24,6 +24,7 @@
#include "db/sysdb.h"
#include "db/sysdb_autofs.h"
#include "util/util.h"
+#include "util/sss_chain_id.h"
#include "providers/data_provider.h"
#include "responder/common/cache_req/cache_req_plugin.h"
@@ -114,7 +115,7 @@ cache_req_autofs_map_entries_dp_send(TALLOC_CTX *mem_ctx,
return sbus_call_dp_autofs_Enumerate_send(mem_ctx, be_conn->conn,
be_conn->bus_name, SSS_BUS_PATH,
0, data->name.name,
- cr->rctx->client_id_num);
+ sss_chain_id_get());
}
bool
diff --git a/src/responder/common/cache_req/plugins/cache_req_ssh_host_id_by_name.c b/src/responder/common/cache_req/plugins/cache_req_ssh_host_id_by_name.c
index a8b8f47a8..29f52f10d 100644
--- a/src/responder/common/cache_req/plugins/cache_req_ssh_host_id_by_name.c
+++ b/src/responder/common/cache_req/plugins/cache_req_ssh_host_id_by_name.c
@@ -23,6 +23,7 @@
#include "db/sysdb_ssh.h"
#include "util/util.h"
+#include "util/sss_chain_id.h"
#include "providers/data_provider.h"
#include "responder/common/cache_req/cache_req_plugin.h"
@@ -86,7 +87,7 @@ cache_req_host_by_name_dp_send(TALLOC_CTX *mem_ctx,
return sbus_call_dp_dp_hostHandler_send(mem_ctx, be_conn->conn,
be_conn->bus_name, SSS_BUS_PATH,
0, data->name.name, data->alias,
- cr->rctx->client_id_num);
+ sss_chain_id_get());
}
static bool
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h
index 5cb79e3e6..259b3ff13 100644
--- a/src/responder/common/responder.h
+++ b/src/responder/common/responder.h
@@ -165,13 +165,13 @@ struct cli_ctx {
struct cli_creds *creds;
char *cmd_line;
- uint64_t old_chain_id;
void *protocol_ctx;
void *state_ctx;
struct tevent_timer *idle;
time_t last_request_time;
+ uint32_t client_id_num;
};
struct sss_cmd_table {
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
index 6e3b61ef0..a4ba8ea71 100644
--- a/src/responder/common/responder_common.c
+++ b/src/responder/common/responder_common.c
@@ -87,8 +87,6 @@ static void client_close_fn(struct tevent_context *ev,
"Failed to close fd [%d]: [%s]\n",
ctx->cfd, strerror(ret));
}
- /* Restore the original chain id */
- sss_chain_id_set(ctx->old_chain_id);
DEBUG(SSSDBG_TRACE_INTERNAL,
"Terminated client [%p][%d]\n",
@@ -526,7 +524,6 @@ static void accept_fd_handler(struct tevent_context *ev,
int fd = accept_ctx->is_private ? rctx->priv_lfd : rctx->lfd;
rctx->client_id_num++;
-
if (accept_ctx->is_private) {
ret = stat(rctx->priv_sock_name, &stat_buf);
if (ret == -1) {
@@ -557,6 +554,8 @@ static void accept_fd_handler(struct tevent_context *ev,
talloc_set_destructor(cctx, cli_ctx_destructor);
+ cctx->client_id_num = rctx->client_id_num;
+
len = sizeof(cctx->addr);
cctx->cfd = accept(fd, (struct sockaddr *)&cctx->addr, &len);
if (cctx->cfd == -1) {
@@ -645,7 +644,7 @@ static void accept_fd_handler(struct tevent_context *ev,
DEBUG(SSSDBG_TRACE_FUNC,
"[CID#%u] Client [cmd %s][uid %u][%p][%d] connected%s!\n",
- rctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds),
+ cctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds),
cctx, cctx->cfd, accept_ctx->is_private ? " to privileged pipe" : "");
return;
@@ -1090,6 +1089,7 @@ void sss_client_fd_handler(void *ptr,
uint16_t flags)
{
errno_t ret;
+ uint64_t old_chain_id;
struct cli_ctx *cctx = talloc_get_type(ptr, struct cli_ctx);
/* Always reset the responder idle timer on any activity */
@@ -1105,7 +1105,7 @@ void sss_client_fd_handler(void *ptr,
}
/* Set the chain id */
- cctx->old_chain_id = sss_chain_id_set(cctx->rctx->client_id_num);
+ old_chain_id = sss_chain_id_set(cctx->client_id_num);
if (flags & TEVENT_FD_READ) {
recv_fn(cctx);
@@ -1116,6 +1116,8 @@ void sss_client_fd_handler(void *ptr,
send_fn(cctx);
return;
}
+ /* Restore the original chain id */
+ sss_chain_id_set(old_chain_id);
}
int sss_connection_setup(struct cli_ctx *cctx)
diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c
index d549e02d3..4b4770da1 100644
--- a/src/responder/common/responder_dp.c
+++ b/src/responder/common/responder_dp.c
@@ -23,6 +23,7 @@
#include <sys/time.h>
#include <time.h>
#include "util/util.h"
+#include "util/sss_chain_id.h"
#include "responder/common/responder_packet.h"
#include "responder/common/responder.h"
#include "providers/data_provider.h"
@@ -276,7 +277,7 @@ sss_dp_get_account_send(TALLOC_CTX *mem_ctx,
subreq = sbus_call_dp_dp_getAccountInfo_send(state, be_conn->conn,
be_conn->bus_name, SSS_BUS_PATH, dp_flags,
entry_type, filter, dom->name, extra,
- rctx->client_id_num);
+ sss_chain_id_get());
if (subreq == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create subrequest!\n");
ret = ENOMEM;
@@ -406,7 +407,7 @@ sss_dp_resolver_get_send(TALLOC_CTX *mem_ctx,
SSS_BUS_PATH,
dp_flags, entry_type,
filter_type, filter_value,
- rctx->client_id_num);
+ sss_chain_id_get());
if (subreq == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create subrequest!\n");
ret = ENOMEM;
diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c
index 918124756..aeff28d73 100644
--- a/src/responder/common/responder_get_domains.c
+++ b/src/responder/common/responder_get_domains.c
@@ -19,6 +19,7 @@
*/
#include "util/util.h"
+#include "util/sss_chain_id.h"
#include "responder/common/responder.h"
#include "providers/data_provider.h"
#include "db/sysdb.h"
@@ -751,7 +752,7 @@ sss_dp_get_account_domain_send(TALLOC_CTX *mem_ctx,
be_conn->bus_name,
SSS_BUS_PATH, dp_flags,
entry_type, filter,
- rctx->client_id_num);
+ sss_chain_id_get());
if (subreq == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create subrequest!\n");
ret = ENOMEM;
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index cb0e1b82f..1695554fc 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -1492,7 +1492,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
}
preq->cctx = cctx;
preq->cert_auth_local = false;
- preq->client_id_num = pctx->rctx->client_id_num;
+ preq->client_id_num = cctx->client_id_num;
preq->pd = create_pam_data(preq);
if (!preq->pd) {
@@ -1513,7 +1513,7 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd)
pd->cmd = pam_cmd;
pd->priv = cctx->priv;
- pd->client_id_num = pctx->rctx->client_id_num;
+ pd->client_id_num = cctx->client_id_num;
ret = pam_forwarder_parse_data(cctx, pd);
if (ret == EAGAIN) {
--
2.37.1

View File

@ -0,0 +1,185 @@
From d22ea2df62b6e245eef75d7201b678601bf63e98 Mon Sep 17 00:00:00 2001
From: Justin Stephenson <jstephen@redhat.com>
Date: Fri, 19 Aug 2022 14:44:11 -0400
Subject: [PATCH 9/9] Analyzer: support parallel requests parsing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Analyzer code(primarily the list verbose command) needs
changes to handle parsing the necessary lines from
NSS/PAM log files when multiple intermixed/parallel
client requests are sent to SSSD.
Resolves: https://github.com/SSSD/sssd/issues/6307
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
---
src/tools/analyzer/modules/request.py | 119 +++++++++++++++-----------
1 file changed, 67 insertions(+), 52 deletions(-)
diff --git a/src/tools/analyzer/modules/request.py b/src/tools/analyzer/modules/request.py
index 935e13adc..b9fe3caf8 100644
--- a/src/tools/analyzer/modules/request.py
+++ b/src/tools/analyzer/modules/request.py
@@ -16,7 +16,6 @@ class RequestAnalyzer:
"""
module_parser = None
consumed_logs = []
- done = ""
list_opts = [
Option('--verbose', 'Verbose output', bool, '-v'),
Option('--pam', 'Filter only PAM requests', bool),
@@ -149,58 +148,74 @@ class RequestAnalyzer:
print(line)
return found_results
- def print_formatted(self, line, verbose):
+ def print_formatted_verbose(self, source, patterns):
+ """
+ Parse line and print formatted verbose list_requests output
+
+ Args:
+ source (Reader): source Reader object
+ patterns (list): List of regex patterns to use for
+ matching lines
+ """
+ # Get CID number, and print the basic line first
+ for line in self.matched_line(source, patterns):
+ cid = self.print_formatted(line)
+
+ # Loop through each line with this CID number to extract and
+ # print the verbose data needed
+ verbose_patterns = ["(cache_req_send|cache_req_process_input|"
+ "cache_req_search_send)"]
+ for cidline in self.matched_line(source, verbose_patterns):
+ plugin = ""
+ name = ""
+ id = ""
+
+ # skip any lines not pertaining to this CID
+ if f"CID#{cid}]" not in cidline:
+ continue
+ if "refreshed" in cidline:
+ continue
+ # CR Plugin name
+ if re.search("cache_req_send", cidline):
+ plugin = cidline.split('\'')[1]
+ # CR Input name
+ elif re.search("cache_req_process_input", cidline):
+ name = cidline.rsplit('[')[-1]
+ # CR Input id
+ elif re.search("cache_req_search_send", cidline):
+ id = cidline.rsplit()[-1]
+
+ if plugin:
+ print(" - " + plugin)
+ if name:
+ print(" - " + name[:-2])
+ if (id and ("UID" in cidline or "GID" in cidline)):
+ print(" - " + id)
+
+ def print_formatted(self, line):
"""
Parse line and print formatted list_requests output
Args:
line (str): line to parse
- verbose (bool): If true, enable verbose output
+ Returns:
+ Client ID from printed line, 0 otherwise
"""
- plugin = ""
- name = ""
- id = ""
-
# exclude backtrace logs
if line.startswith(' * '):
- return
- fields = line.split("[")
- cr_field = fields[3][7:]
- cr = cr_field.split(":")[0][4:]
+ return 0
if "refreshed" in line:
- return
- # CR Plugin name
- if re.search("cache_req_send", line):
- plugin = line.split('\'')[1]
- # CR Input name
- elif re.search("cache_req_process_input", line):
- name = line.rsplit('[')[-1]
- # CR Input id
- elif re.search("cache_req_search_send", line):
- id = line.rsplit()[-1]
- # CID and client process name
- else:
- ts = line.split(")")[0]
- ts = ts[1:]
- fields = line.split("[")
- cid = fields[3][4:-9]
- cmd = fields[4][4:-1]
- uid = fields[5][4:-1]
- if not uid.isnumeric():
- uid = fields[6][4:-1]
- print(f'{ts}: [uid {uid}] CID #{cid}: {cmd}')
-
- if verbose:
- if plugin:
- print(" - " + plugin)
- if name:
- if cr not in self.done:
- print(" - " + name[:-2])
- self.done = cr
- if id:
- if cr not in self.done:
- print(" - " + id)
- self.done = cr
+ return 0
+ ts = line.split(")")[0]
+ ts = ts[1:]
+ fields = line.split("[")
+ cid = fields[3][4:-9]
+ cmd = fields[4][4:-1]
+ uid = fields[5][4:-1]
+ if not uid.isnumeric():
+ uid = fields[6][4:-1]
+ print(f'{ts}: [uid {uid}] CID #{cid}: {cmd}')
+ return cid
def list_requests(self, args):
"""
@@ -215,20 +230,20 @@ class RequestAnalyzer:
# Log messages matching the following regex patterns contain
# the useful info we need to produce list output
patterns = [r'\[cmd']
- patterns.append("(cache_req_send|cache_req_process_input|"
- "cache_req_search_send)")
if args.pam:
component = source.Component.PAM
resp = "pam"
logger.info(f"******** Listing {resp} client requests ********")
source.set_component(component, False)
- self.done = ""
- for line in self.matched_line(source, patterns):
- if isinstance(source, Journald):
- print(line)
- else:
- self.print_formatted(line, args.verbose)
+ if args.verbose:
+ self.print_formatted_verbose(source, patterns)
+ else:
+ for line in self.matched_line(source, patterns):
+ if isinstance(source, Journald):
+ print(line)
+ else:
+ self.print_formatted(line)
def track_request(self, args):
"""
--
2.37.1

View File

@ -19,7 +19,7 @@
Name: sssd Name: sssd
Version: 2.7.3 Version: 2.7.3
Release: 2%{?dist} Release: 3%{?dist}
Group: Applications/System Group: Applications/System
Summary: System Security Services Daemon Summary: System Security Services Daemon
License: GPLv3+ License: GPLv3+
@ -31,6 +31,11 @@ Patch0001: 0001-Makefile-remove-unneeded-dependency.patch
Patch0002: 0002-CLIENT-MC-store-context-mutex-outside-of-context-as-.patch Patch0002: 0002-CLIENT-MC-store-context-mutex-outside-of-context-as-.patch
Patch0003: 0003-CACHE_REQ-Fix-hybrid-lookup-log-spamming.patch Patch0003: 0003-CACHE_REQ-Fix-hybrid-lookup-log-spamming.patch
Patch0004: 0004-Analyzer-Fix-escaping-raw-fstring.patch Patch0004: 0004-Analyzer-Fix-escaping-raw-fstring.patch
Patch0005: 0005-CLIENT-MC-1-is-more-appropriate-initial-value-for-fd.patch
Patch0006: 0006-CLIENT-MC-pointer-to-the-context-mutex-shouldn-t-be-.patch
Patch0007: 0007-SSSCTL-Allow-analyzer-to-work-without-SSSD-setup.patch
Patch0008: 0008-RESPONDER-Fix-client-ID-tracking.patch
Patch0009: 0009-Analyzer-support-parallel-requests-parsing.patch
### Downstream Patches ### ### Downstream Patches ###
@ -1181,6 +1186,11 @@ fi
%systemd_postun_with_restart sssd.service %systemd_postun_with_restart sssd.service
%changelog %changelog
* Tue Aug 23 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-3
- Resolves: rhbz#2116395 - NFS krb5 mount failed as "access denied" after test accessing a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-1.el8
- Resolves: rhbz#2119726 - sssctl analyze --logdir option requires sssd to be configured
- Resolves: rhbz#2120669 - Incorrect request ID tracking from responder to backend
* Wed Aug 10 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-2 * Wed Aug 10 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-2
- Resolves: rhbz#2116488 - virsh command will hang after the host run several auto test cases - Resolves: rhbz#2116488 - virsh command will hang after the host run several auto test cases
- Resolves: rhbz#2116486 - [regression] sssctl analyze fails to parse PAM related sssd logs - Resolves: rhbz#2116486 - [regression] sssctl analyze fails to parse PAM related sssd logs