Blame SOURCES/0094-AD-IPA-Reset-subdomain-service-name-not-domain-name.patch

71e593
From b3285f9f8a5eac3e4e70ed3bd6b74c15ad806e9e Mon Sep 17 00:00:00 2001
71e593
From: Jakub Hrozek <jhrozek@redhat.com>
71e593
Date: Wed, 19 Dec 2018 14:12:25 +0100
71e593
Subject: [PATCH 94/95] AD/IPA: Reset subdomain service name, not domain name
71e593
71e593
Related:
71e593
https://pagure.io/SSSD/sssd/issue/3911
71e593
71e593
Since commit 778f241e78241b0d6b8734148175f8dee804f494 the subdomain fail
71e593
over services use the "sd_" prefix. This was done to make it easier,
71e593
until the whole failover design works better with subdomains, to see
71e593
which services belong to the main domain from tools.
71e593
71e593
However, some parts of the code would still just use the domain name for
71e593
the failover service, which meant the service was not found, notably
71e593
when trying to reset services:
71e593
71e593
(Thu Dec 13 05:29:31 2018) [sssd[be[testrelm.test]]] [ipa_srv_ad_acct_retried] (0x0400): Subdomain re-set, will retry lookup
71e593
(Thu Dec 13 05:29:31 2018) [sssd[be[testrelm.test]]] [be_fo_reset_svc] (0x1000): Resetting all servers in service ipaad2016.test
71e593
(Thu Dec 13 05:29:31 2018) [sssd[be[testrelm.test]]] [be_fo_reset_svc] (0x0080): Cannot retrieve service [ipaad2016.test]
71e593
71e593
This patch switches to reading the service names from the ad_options and
71e593
the sdap_service structures that are contained within ad_options.
71e593
71e593
Reviewed-by: Tomas Halman <thalman@redhat.com>
71e593
---
71e593
 src/providers/ad/ad_common.c          | 13 +++++++++++++
71e593
 src/providers/ad/ad_common.h          |  4 ++++
71e593
 src/providers/ipa/ipa_subdomains_id.c | 11 ++++++++++-
71e593
 src/providers/ldap/ldap_common.c      | 11 +++++++++++
71e593
 src/providers/ldap/ldap_common.h      |  3 +++
71e593
 5 files changed, 41 insertions(+), 1 deletion(-)
71e593
71e593
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
71e593
index 0d154ca57..cb5912838 100644
71e593
--- a/src/providers/ad/ad_common.c
71e593
+++ b/src/providers/ad/ad_common.c
71e593
@@ -839,6 +839,19 @@ done:
71e593
     return ret;
71e593
 }
71e593
 
71e593
+void
71e593
+ad_failover_reset(struct be_ctx *bectx,
71e593
+                  struct ad_service *adsvc)
71e593
+{
71e593
+    if (adsvc == NULL) {
71e593
+        DEBUG(SSSDBG_CRIT_FAILURE, "NULL service\n");
71e593
+        return;
71e593
+    }
71e593
+
71e593
+    sdap_service_reset_fo(bectx, adsvc->sdap);
71e593
+    sdap_service_reset_fo(bectx, adsvc->gc);
71e593
+}
71e593
+
71e593
 static void
71e593
 ad_resolve_callback(void *private_data, struct fo_server *server)
71e593
 {
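Review bot: ad_failover_reset returns void and only logs when adsvc is NULL, so a caller cannot tell that no failover state was reset; the same holds for sdap_service_reset_fo in the ldap_common.c hunk. Neither new function is documented, here or at its prototype in ad_common.h and ldap_common.h. I would add a comment above the definition such as `/* Reset failover state of both the LDAP and GC services in adsvc; logs and does nothing when adsvc is NULL. */`. The two calls also pass adsvc->sdap and adsvc->gc unchecked and rely on the callee's NULL guard, which logs at SSSDBG_CRIT_FAILURE; whether gc can legitimately be unset is not visible in this hunk, so that log level is worth confirming.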
71e593
diff --git a/src/providers/ad/ad_common.h b/src/providers/ad/ad_common.h
71e593
index cb4dda750..662276cb6 100644
71e593
--- a/src/providers/ad/ad_common.h
71e593
+++ b/src/providers/ad/ad_common.h
71e593
@@ -148,6 +148,10 @@ ad_failover_init(TALLOC_CTX *mem_ctx, struct be_ctx *ctx,
71e593
                  bool use_kdcinfo,
71e593
                  struct ad_service **_service);
71e593
 
71e593
+void
71e593
+ad_failover_reset(struct be_ctx *bectx,
71e593
+                  struct ad_service *adsvc);
71e593
+
71e593
 errno_t
71e593
 ad_get_id_options(struct ad_options *ad_opts,
71e593
                    struct confdb_ctx *cdb,
71e593
diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c
71e593
index 48cf74460..b841f0a52 100644
71e593
--- a/src/providers/ipa/ipa_subdomains_id.c
71e593
+++ b/src/providers/ipa/ipa_subdomains_id.c
71e593
@@ -1757,6 +1757,7 @@ fail:
71e593
 static void ipa_srv_ad_acct_retried(struct tevent_req *subreq)
71e593
 {
71e593
     errno_t ret;
71e593
+    struct ad_id_ctx *ad_id_ctx;
71e593
     struct tevent_req *req = tevent_req_callback_data(subreq,
71e593
                                                 struct tevent_req);
71e593
     struct ipa_srv_ad_acct_state *state = tevent_req_data(req,
71e593
@@ -1772,7 +1773,15 @@ static void ipa_srv_ad_acct_retried(struct tevent_req *subreq)
71e593
     }
71e593
 
71e593
     DEBUG(SSSDBG_TRACE_FUNC, "Subdomain re-set, will retry lookup\n");
71e593
-    be_fo_reset_svc(state->be_ctx, state->obj_dom->name);
71e593
+    ad_id_ctx = ipa_get_ad_id_ctx(state->ipa_ctx, state->obj_dom);
71e593
+    if (ad_id_ctx == NULL || ad_id_ctx->ad_options == NULL) {
71e593
+        DEBUG(SSSDBG_CRIT_FAILURE, "No AD ID ctx or no ID CTX options?\n");
71e593
+        state->dp_error = DP_ERR_FATAL;
71e593
+        tevent_req_error(req, EINVAL);
71e593
+        return;
71e593
+    }
71e593
+
71e593
+    ad_failover_reset(state->be_ctx, ad_id_ctx->ad_options->service);
71e593
 
71e593
     ret = ipa_srv_ad_acct_lookup_step(req);
71e593
     if (ret != EOK) {
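Review bot: The new guard checks ad_id_ctx and ad_id_ctx->ad_options but not ad_options->service, so a NULL service reaches ad_failover_reset, which only logs and returns, and ipa_srv_ad_acct_lookup_step then retries without any failover reset. That is the same outcome the commit message describes for the old code (service not reset, lookup retried), only with a different log line. Extending the condition would fail the request instead: `if (ad_id_ctx == NULL || ad_id_ctx->ad_options == NULL || ad_id_ctx->ad_options->service == NULL) {`. ipa_srv_ad_acct_retried continues past the end of this hunk.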
71e593
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
71e593
index 9cd8ec09c..237749aae 100644
71e593
--- a/src/providers/ldap/ldap_common.c
71e593
+++ b/src/providers/ldap/ldap_common.c
71e593
@@ -520,6 +520,17 @@ static int ldap_user_data_cmp(void *ud1, void *ud2)
71e593
     return strcasecmp((char*) ud1, (char*) ud2);
71e593
 }
71e593
 
71e593
+void sdap_service_reset_fo(struct be_ctx *ctx,
71e593
+                           struct sdap_service *service)
71e593
+{
71e593
+    if (service == NULL) {
71e593
+        DEBUG(SSSDBG_CRIT_FAILURE, "NULL service\n");
71e593
+        return;
71e593
+    }
71e593
+
71e593
+    be_fo_reset_svc(ctx, service->name);
71e593
+}
71e593
+
71e593
 int sdap_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
71e593
                       const char *service_name, const char *dns_service_name,
71e593
                       const char *urls, const char *backup_urls,
71e593
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
71e593
index 6c08d789b..89d819fb9 100644
71e593
--- a/src/providers/ldap/ldap_common.h
71e593
+++ b/src/providers/ldap/ldap_common.h
71e593
@@ -171,6 +171,9 @@ int sdap_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
71e593
                       const char *urls, const char *backup_urls,
71e593
                       struct sdap_service **_service);
71e593
 
71e593
+void sdap_service_reset_fo(struct be_ctx *ctx,
71e593
+                           struct sdap_service *service);
71e593
+
71e593
 const char *sdap_gssapi_realm(struct dp_option *opts);
71e593
 
71e593
 int sdap_gssapi_init(TALLOC_CTX *mem_ctx,
71e593
-- 
71e593
2.19.1
71e593