sssd-2.8.1-1: Rebase to latest upstream release
This commit is contained in:
parent
d24bcc9e43
commit
cf2cbdba82
1
.gitignore
vendored
1
.gitignore
vendored
@ -103,3 +103,4 @@ sssd-1.2.91.tar.gz
|
|||||||
/sssd-2.7.3.tar.gz
|
/sssd-2.7.3.tar.gz
|
||||||
/sssd-2.7.4.tar.gz
|
/sssd-2.7.4.tar.gz
|
||||||
/sssd-2.8.0.tar.gz
|
/sssd-2.8.0.tar.gz
|
||||||
|
/sssd-2.8.1.tar.gz
|
||||||
|
@ -1,96 +0,0 @@
|
|||||||
From b38fdc8185fcd6a2e5d4b483d3119964f9922070 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
||||||
Date: Tue, 11 Oct 2022 12:10:25 +0200
|
|
||||||
Subject: [PATCH 1/6] confdb: avoid syslog message when no domains are enabled
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
This syslog message would also appear when calling other tools like
|
|
||||||
sss_cache which is confusing. We return specific error code instead
|
|
||||||
and let the error be syslogged in the monitor in monitor.c:main (this
|
|
||||||
is already implemented).
|
|
||||||
|
|
||||||
Resolves: https://github.com/SSSD/sssd/issues/6387
|
|
||||||
|
|
||||||
:fixes: A regression when running sss_cache when no SSSD domain is
|
|
||||||
enabled would produce a syslog critical message was fixed.
|
|
||||||
|
|
||||||
Reviewed-by: Alejandro López <allopez@redhat.com>
|
|
||||||
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
||||||
---
|
|
||||||
src/confdb/confdb.c | 8 ++++----
|
|
||||||
src/monitor/monitor.c | 2 +-
|
|
||||||
src/util/util_errors.c | 1 +
|
|
||||||
src/util/util_errors.h | 1 +
|
|
||||||
4 files changed, 7 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
|
|
||||||
index ae2d90bf5e4bc231e878c0d5e2c84e46abd9f999..9465bffe394ebed783b8217f96049f3d07ba7e77 100644
|
|
||||||
--- a/src/confdb/confdb.c
|
|
||||||
+++ b/src/confdb/confdb.c
|
|
||||||
@@ -1800,10 +1800,10 @@ int confdb_get_domains(struct confdb_ctx *cdb,
|
|
||||||
ret = confdb_get_enabled_domain_list(cdb, tmp_ctx, &domlist);
|
|
||||||
if (ret == ENOENT) {
|
|
||||||
DEBUG(SSSDBG_FATAL_FAILURE, "No domains configured, fatal error!\n");
|
|
||||||
- sss_log(SSS_LOG_CRIT, "No domains configured, fatal error!\n");
|
|
||||||
+ ret = ERR_NO_DOMAIN_ENABLED;
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
- if (ret != EOK ) {
|
|
||||||
+ if (ret != EOK) {
|
|
||||||
DEBUG(SSSDBG_FATAL_FAILURE, "Fatal error retrieving domains list!\n");
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
@@ -2472,9 +2472,9 @@ int confdb_expand_app_domains(struct confdb_ctx *cdb)
|
|
||||||
ret = confdb_get_enabled_domain_list(cdb, tmp_ctx, &domlist);
|
|
||||||
if (ret == ENOENT) {
|
|
||||||
DEBUG(SSSDBG_FATAL_FAILURE, "No domains configured, fatal error!\n");
|
|
||||||
- sss_log(SSS_LOG_CRIT, "No domains configured, fatal error!\n");
|
|
||||||
+ ret = ERR_NO_DOMAIN_ENABLED;
|
|
||||||
goto done;
|
|
||||||
- } else if (ret != EOK ) {
|
|
||||||
+ } else if (ret != EOK) {
|
|
||||||
DEBUG(SSSDBG_FATAL_FAILURE, "Fatal error retrieving domains list!\n");
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
|
|
||||||
index 17bb1d6685257f204e56baad43919366b75a140d..7670114d37646ebcacd1d0f8c6876e40ff03938e 100644
|
|
||||||
--- a/src/monitor/monitor.c
|
|
||||||
+++ b/src/monitor/monitor.c
|
|
||||||
@@ -2566,7 +2566,7 @@ int main(int argc, const char *argv[])
|
|
||||||
"SSSD couldn't load the configuration database.\n");
|
|
||||||
sss_log(SSS_LOG_CRIT,
|
|
||||||
"SSSD couldn't load the configuration database [%d]: %s.\n",
|
|
||||||
- ret, strerror(ret));
|
|
||||||
+ ret, sss_strerror(ret));
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
return 4;
|
|
||||||
diff --git a/src/util/util_errors.c b/src/util/util_errors.c
|
|
||||||
index 647bc70a77ec8697e287f61d5895143f0a575157..899bef2f40e4f1c503c843b8307120e18c6c2d52 100644
|
|
||||||
--- a/src/util/util_errors.c
|
|
||||||
+++ b/src/util/util_errors.c
|
|
||||||
@@ -64,6 +64,7 @@ struct err_string error_to_str[] = {
|
|
||||||
{ "Cannot parse input" }, /* ERR_INPUT_PARSE */
|
|
||||||
{ "Entry not found" }, /* ERR_NOT_FOUND */
|
|
||||||
{ "Domain not found" }, /* ERR_DOMAIN_NOT_FOUND */
|
|
||||||
+ { "No domain is enabled" }, /* ERR_NO_DOMAIN_ENABLED */
|
|
||||||
{ "Malformed search filter" }, /* ERR_INVALID_FILTER, */
|
|
||||||
{ "No POSIX attributes detected" }, /* ERR_NO_POSIX */
|
|
||||||
{ "Extra attribute is a duplicate" }, /* ERR_DUP_EXTRA_ATTR */
|
|
||||||
diff --git a/src/util/util_errors.h b/src/util/util_errors.h
|
|
||||||
index 1a752753e4df2a9de5913920bb75ebf49a8f60a6..b55b340fcdcfd9b01a9053b6b2a24b68243f14f5 100644
|
|
||||||
--- a/src/util/util_errors.h
|
|
||||||
+++ b/src/util/util_errors.h
|
|
||||||
@@ -85,6 +85,7 @@ enum sssd_errors {
|
|
||||||
ERR_INPUT_PARSE,
|
|
||||||
ERR_NOT_FOUND,
|
|
||||||
ERR_DOMAIN_NOT_FOUND,
|
|
||||||
+ ERR_NO_DOMAIN_ENABLED,
|
|
||||||
ERR_INVALID_FILTER,
|
|
||||||
ERR_NO_POSIX,
|
|
||||||
ERR_DUP_EXTRA_ATTR,
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
@ -1,101 +0,0 @@
|
|||||||
From 4da861368b88c03b22993f95de5b508ad5637c25 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
||||||
Date: Tue, 11 Oct 2022 12:30:56 +0200
|
|
||||||
Subject: [PATCH 2/6] monitor: read all enabled domains in
|
|
||||||
add_implicit_services
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
Reading sssd/domains option is no longer sufficient since domains
|
|
||||||
can be enabled through domain/enabled.
|
|
||||||
|
|
||||||
Reviewed-by: Alejandro López <allopez@redhat.com>
|
|
||||||
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
||||||
---
|
|
||||||
src/confdb/confdb.c | 15 ++-------------
|
|
||||||
src/confdb/confdb.h | 11 +++++++++++
|
|
||||||
src/monitor/monitor.c | 9 +++++----
|
|
||||||
3 files changed, 18 insertions(+), 17 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
|
|
||||||
index 9465bffe394ebed783b8217f96049f3d07ba7e77..3ecdaa3b91e3b550f670768d336e9d7d85bb66e6 100644
|
|
||||||
--- a/src/confdb/confdb.c
|
|
||||||
+++ b/src/confdb/confdb.c
|
|
||||||
@@ -45,9 +45,6 @@
|
|
||||||
/* SSSD domain name that is used for the auto-configured files domain */
|
|
||||||
#define IMPLICIT_FILES_DOMAIN_NAME "implicit_files"
|
|
||||||
|
|
||||||
-
|
|
||||||
-static int confdb_get_enabled_domain_list(struct confdb_ctx *cdb,
|
|
||||||
- TALLOC_CTX *ctx, char ***_result);
|
|
||||||
static int confdb_get_domain_enabled(struct confdb_ctx *cdb,
|
|
||||||
const char *domain, bool *_enabled);
|
|
||||||
|
|
||||||
@@ -2675,16 +2672,8 @@ done:
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
-/**
|
|
||||||
- * Retrieve the list of enabled domains considering the explicit list
|
|
||||||
- * and the 'enabled' attribute.
|
|
||||||
- * @param cdb The database configuration context.
|
|
||||||
- * @param ctx The memory context.
|
|
||||||
- * @param result Output variable where the list of domains will be stored.
|
|
||||||
- * @return 0 if the list was retrieved properly, another value on error.
|
|
||||||
- */
|
|
||||||
-static int confdb_get_enabled_domain_list(struct confdb_ctx *cdb,
|
|
||||||
- TALLOC_CTX *ctx, char ***_result)
|
|
||||||
+int confdb_get_enabled_domain_list(struct confdb_ctx *cdb,
|
|
||||||
+ TALLOC_CTX *ctx, char ***_result)
|
|
||||||
{
|
|
||||||
int ret;
|
|
||||||
char **domlist = NULL;
|
|
||||||
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
|
|
||||||
index 0effd1193708676ade230d8922ab78fae9b5c15a..a53894846737467f12e5dcd99ce35ebee165ccf7 100644
|
|
||||||
--- a/src/confdb/confdb.h
|
|
||||||
+++ b/src/confdb/confdb.h
|
|
||||||
@@ -497,6 +497,17 @@ int confdb_get_domain(struct confdb_ctx *cdb,
|
|
||||||
int confdb_get_domains(struct confdb_ctx *cdb,
|
|
||||||
struct sss_domain_info **domains);
|
|
||||||
|
|
||||||
+/**
|
|
||||||
+ * Retrieve the list of enabled domains considering the explicit list
|
|
||||||
+ * and the 'enabled' attribute.
|
|
||||||
+ * @param cdb The database configuration context.
|
|
||||||
+ * @param ctx The memory context.
|
|
||||||
+ * @param result Output variable where the list of domains will be stored.
|
|
||||||
+ * @return 0 if the list was retrieved properly, ENOENT if no domain is enabled, another value on error.
|
|
||||||
+ */
|
|
||||||
+int confdb_get_enabled_domain_list(struct confdb_ctx *cdb,
|
|
||||||
+ TALLOC_CTX *ctx, char ***_result);
|
|
||||||
+
|
|
||||||
int confdb_expand_app_domains(struct confdb_ctx *cdb);
|
|
||||||
|
|
||||||
/**
|
|
||||||
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
|
|
||||||
index 7670114d37646ebcacd1d0f8c6876e40ff03938e..511e13971d253bc25cb9a04008c1a363f2182748 100644
|
|
||||||
--- a/src/monitor/monitor.c
|
|
||||||
+++ b/src/monitor/monitor.c
|
|
||||||
@@ -777,13 +777,14 @@ static errno_t add_implicit_services(struct confdb_ctx *cdb, TALLOC_CTX *mem_ctx
|
|
||||||
return ENOMEM;
|
|
||||||
}
|
|
||||||
|
|
||||||
- ret = confdb_get_string_as_list(cdb, tmp_ctx,
|
|
||||||
- CONFDB_MONITOR_CONF_ENTRY,
|
|
||||||
- CONFDB_MONITOR_ACTIVE_DOMAINS,
|
|
||||||
- &domain_names);
|
|
||||||
+ ret = confdb_get_enabled_domain_list(cdb, tmp_ctx, &domain_names);
|
|
||||||
if (ret == ENOENT) {
|
|
||||||
DEBUG(SSSDBG_OP_FAILURE, "No domains configured!\n");
|
|
||||||
goto done;
|
|
||||||
+ } else if (ret != EOK) {
|
|
||||||
+ DEBUG(SSSDBG_FATAL_FAILURE, "Error retrieving domains list [%d]: %s\n",
|
|
||||||
+ ret, sss_strerror(ret));
|
|
||||||
+ goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = confdb_get_bool(cdb, CONFDB_MONITOR_CONF_ENTRY,
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
@ -1,39 +0,0 @@
|
|||||||
From 64c22dd1c4f79f953b879fc167b535de928f4bfd Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
||||||
Date: Tue, 11 Oct 2022 14:51:53 +0200
|
|
||||||
Subject: [PATCH 3/6] sss_cache: use ERR_NO_DOMAIN_ENABLED instead of ENOENT
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
Reviewed-by: Alejandro López <allopez@redhat.com>
|
|
||||||
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
||||||
---
|
|
||||||
src/tools/sss_cache.c | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
|
|
||||||
index 6740e83b0359911824805d565c7c3e5a6d36f68c..79de13ac8725acd4cdde92a8869fcf1a3c289bb3 100644
|
|
||||||
--- a/src/tools/sss_cache.c
|
|
||||||
+++ b/src/tools/sss_cache.c
|
|
||||||
@@ -165,7 +165,7 @@ int main(int argc, const char *argv[])
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = init_context(argc, argv, &tctx);
|
|
||||||
- if (ret == ENOENT) {
|
|
||||||
+ if (ret == ERR_NO_DOMAIN_ENABLED) {
|
|
||||||
/* nothing to invalidate; no reason to fail */
|
|
||||||
ret = EOK;
|
|
||||||
goto done;
|
|
||||||
@@ -909,7 +909,7 @@ static errno_t init_context(int argc, const char *argv[],
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = init_domains(ctx, values.domain);
|
|
||||||
- if (ret == ENOENT && values.domain == NULL) {
|
|
||||||
+ if (ret == ERR_NO_DOMAIN_ENABLED && values.domain == NULL) {
|
|
||||||
/* Nothing to invalidate; do not log confusing messages. */
|
|
||||||
goto fini;
|
|
||||||
} else if (ret != EOK) {
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
@ -1,63 +0,0 @@
|
|||||||
From df55b1f16ea2fb5e56f0fe69419904d50b7e2476 Mon Sep 17 00:00:00 2001
|
|
||||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
||||||
Date: Wed, 12 Oct 2022 14:32:31 +0200
|
|
||||||
Subject: [PATCH 4/6] confdb: chande debug level when no domain are found in
|
|
||||||
confdb_get_domains
|
|
||||||
MIME-Version: 1.0
|
|
||||||
Content-Type: text/plain; charset=UTF-8
|
|
||||||
Content-Transfer-Encoding: 8bit
|
|
||||||
|
|
||||||
We print the error as fatal error in the monitor to make sure the
|
|
||||||
message is correctly visible. However, the error is not fatal for tools
|
|
||||||
like sss_cache and it should not be printed there by default.
|
|
||||||
|
|
||||||
Since the tools have default debug level set to SSSDBG_FATAL_FAILURE, it
|
|
||||||
is sufficient to just drop the level to critical.
|
|
||||||
|
|
||||||
Resolves: https://github.com/SSSD/sssd/issues/6387
|
|
||||||
|
|
||||||
Reviewed-by: Alejandro López <allopez@redhat.com>
|
|
||||||
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
||||||
---
|
|
||||||
src/confdb/confdb.c | 5 ++---
|
|
||||||
src/monitor/monitor.c | 5 +++--
|
|
||||||
2 files changed, 5 insertions(+), 5 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
|
|
||||||
index 3ecdaa3b91e3b550f670768d336e9d7d85bb66e6..cf0476f759827f3e1aa1f445d4e71c09b3ec3239 100644
|
|
||||||
--- a/src/confdb/confdb.c
|
|
||||||
+++ b/src/confdb/confdb.c
|
|
||||||
@@ -1796,11 +1796,10 @@ int confdb_get_domains(struct confdb_ctx *cdb,
|
|
||||||
|
|
||||||
ret = confdb_get_enabled_domain_list(cdb, tmp_ctx, &domlist);
|
|
||||||
if (ret == ENOENT) {
|
|
||||||
- DEBUG(SSSDBG_FATAL_FAILURE, "No domains configured, fatal error!\n");
|
|
||||||
+ DEBUG(SSSDBG_CRIT_FAILURE, "No domains configured, fatal error!\n");
|
|
||||||
ret = ERR_NO_DOMAIN_ENABLED;
|
|
||||||
goto done;
|
|
||||||
- }
|
|
||||||
- if (ret != EOK) {
|
|
||||||
+ } else if (ret != EOK) {
|
|
||||||
DEBUG(SSSDBG_FATAL_FAILURE, "Fatal error retrieving domains list!\n");
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
|
|
||||||
index 511e13971d253bc25cb9a04008c1a363f2182748..2196c2e0b0fdd630335333e7d53026e34302e512 100644
|
|
||||||
--- a/src/monitor/monitor.c
|
|
||||||
+++ b/src/monitor/monitor.c
|
|
||||||
@@ -2564,9 +2564,10 @@ int main(int argc, const char *argv[])
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
DEBUG(SSSDBG_FATAL_FAILURE,
|
|
||||||
- "SSSD couldn't load the configuration database.\n");
|
|
||||||
+ "SSSD couldn't load the configuration database [%d]: %s\n",
|
|
||||||
+ ret, sss_strerror(ret));
|
|
||||||
sss_log(SSS_LOG_CRIT,
|
|
||||||
- "SSSD couldn't load the configuration database [%d]: %s.\n",
|
|
||||||
+ "SSSD couldn't load the configuration database [%d]: %s\n",
|
|
||||||
ret, sss_strerror(ret));
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.37.3
|
|
||||||
|
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (sssd-2.8.0.tar.gz) = 25a96b1d14a113c7e388e7f8053668b6262c391413771cd85f4293a3162dcb4403956f4519f3a206095fcee83b0399648c948b25215f1c33dba01d199f01b1ea
|
SHA512 (sssd-2.8.1.tar.gz) = 419798fa3e7ab0ad407d9f53ead183e6c4ffb534c93ed20a944a2eea6760bffaa2336373a8d52bd43f8e7c100e52fccecc9d0859bde04f8ce4e7406102024c0e
|
||||||
|
14
sssd.spec
14
sssd.spec
@ -42,20 +42,15 @@
|
|||||||
%global samba_package_version %(rpm -q samba-devel --queryformat %{version}-%{release})
|
%global samba_package_version %(rpm -q samba-devel --queryformat %{version}-%{release})
|
||||||
|
|
||||||
Name: sssd
|
Name: sssd
|
||||||
Version: 2.8.0
|
Version: 2.8.1
|
||||||
Release: 2%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: System Security Services Daemon
|
Summary: System Security Services Daemon
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
URL: https://github.com/SSSD/sssd/
|
URL: https://github.com/SSSD/sssd/
|
||||||
Source0: https://github.com/SSSD/sssd/releases/download/2.8.0/sssd-2.8.0.tar.gz
|
Source0: https://github.com/SSSD/sssd/releases/download/2.8.1/sssd-2.8.1.tar.gz
|
||||||
|
|
||||||
### Patches ###
|
### Patches ###
|
||||||
|
|
||||||
Patch0001: 0001-confdb-avoid-syslog-message-when-no-domains-are-enab.patch
|
|
||||||
Patch0002: 0002-monitor-read-all-enabled-domains-in-add_implicit_ser.patch
|
|
||||||
Patch0003: 0003-sss_cache-use-ERR_NO_DOMAIN_ENABLED-instead-of-ENOEN.patch
|
|
||||||
Patch0004: 0004-confdb-chande-debug-level-when-no-domain-are-found-i.patch
|
|
||||||
|
|
||||||
### Dependencies ###
|
### Dependencies ###
|
||||||
|
|
||||||
Requires: sssd-ad = %{version}-%{release}
|
Requires: sssd-ad = %{version}-%{release}
|
||||||
@ -1063,6 +1058,9 @@ fi
|
|||||||
%systemd_postun_with_restart sssd.service
|
%systemd_postun_with_restart sssd.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Nov 4 2022 Pavel Březina <pbrezina@redhat.com> - 2.8.1-1
|
||||||
|
- Rebase to SSSD 2.8.1
|
||||||
|
|
||||||
* Mon Oct 24 2022 Pavel Březina <pbrezina@redhat.com> - 2.8.0-2
|
* Mon Oct 24 2022 Pavel Březina <pbrezina@redhat.com> - 2.8.0-2
|
||||||
- Fix regression, syslog is no longer spammed when no SSSD domain is configured (#2133437)
|
- Fix regression, syslog is no longer spammed when no SSSD domain is configured (#2133437)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user