Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refresh_expired_interval does not work with netgrous in 1.15 #4576

Closed
sssd-bot opened this issue May 2, 2020 · 0 comments
Closed

refresh_expired_interval does not work with netgrous in 1.15 #4576

sssd-bot opened this issue May 2, 2020 · 0 comments
Assignees
@jhrozek
Labels
Closed: Fixed Issue was closed as fixed.

Comments

@sssd-bot
Copy link

sssd-bot commented May 2, 2020

Cloned from Pagure issue: https://pagure.io/SSSD/sssd/issue/3550

  • Created at 2017-10-19 13:55:36 by lslebodn
  • Closed at 2018-04-04 15:01:18 as Fixed
  • Assigned to jhrozek

sssd.conf:

    [sssd]
    config_file_version = 2
    services = nss, pam
    domains = LDAP

    [nss]
    filter_groups = root
    filter_users = root
    entry_cache_nowait_percentage = 50
    memcache_timeout = 1

    [domain/LDAP]
    id_provider = ldap
    ldap_uri = ldap://$SERVER
    ldap_netgroup_search_base = ou=Netgroups,$BASE_DN
    cache_credentials = TRUE
    entry_cache_timeout = 120
    refresh_expired_interval = 25
    debug_level = 9

Initial data in LDAP:

    dn: cn=netgrp_art,ou=Netgroups,$BASE_DN
    objectClass: nisNetgroup
    objectClass: top
    cn: netgrp_art
    nisNetgroupTriple: (host1,kau10,example.com)

Steps to reproduce:

  • clean sssd cache and restart sssd rm -f /var/lib/sss/db/*; service sssd restart
  • getent netgroup netgrp_art
  • modify netgroup tripplet in LDAP
        dn: cn=netgrp_art,ou=Netgroups,$BASE_DN
        changetype: modify
        replace: nisNetgroupTriple
        nisNetgroupTriple: (host2,ami10,example.com)
  • sleep a second more that value of refresh_expired_interval
  • sleep 26
  • check that returned entry has new value getent netgroup netgrp_art | grep host2

Comments

Comment from lslebodn at 2017-10-19 13:55:48

Metadata Update from @lslebodn:

  • Issue tagged with: regression

Comment from lslebodn at 2017-10-19 14:10:46

My experience is that entry in sssd cache was refreshed after 104 seconds but responder returned new value after 120 seconds.

Comment from jhrozek at 2017-10-31 22:25:38

Metadata Update from @jhrozek:

  • Issue priority set to: blocker
  • Issue set to the milestone: SSSD 1.16.1

Comment from jockesssd at 2018-03-05 17:23:07

This seems like old bug in 1.15 already and it is blocking 1.16.1 now.
Move to 1.16.2 so 1.16.1 can move forward?

Comment from jhrozek at 2018-03-05 21:06:15

Metadata Update from @jhrozek:

  • Issue assigned to jhrozek

Comment from jhrozek at 2018-03-05 21:07:45

I tend to agree, because what was broken was not the background refresh itself, but netgroup-only code. So if the PR won't be reviewed quite soon, I would also prefer to remove the ticket from 1.16.1 and release the tarball.

PR: #528

Comment from jhrozek at 2018-03-05 21:07:47

Metadata Update from @jhrozek:

  • Issue tagged with: PR

Comment from jockesssd at 2018-03-06 09:23:51

Nice :) The PR seems simple enough to make it into 1.16.1

Comment from jhrozek at 2018-03-09 13:09:21

Metadata Update from @jhrozek:

  • Issue set to the milestone: SSSD 1.16.2 (was: SSSD 1.16.1)

Comment from jhrozek at 2018-04-04 15:00:57

Comment from jhrozek at 2018-04-04 15:01:21

Metadata Update from @jhrozek:

  • Issue close_status updated to: Fixed
  • Issue status updated to: Closed (was: Open)
@sssd-bot sssd-bot added Closed: Fixed Issue was closed as fixed. Regression labels May 2, 2020
@sssd-bot sssd-bot closed this as completed May 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jhrozek jhrozek

Labels
Closed: Fixed Issue was closed as fixed.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jhrozek @sssd-bot