| Summary: | Wrong resolv_status might cause crash when name resolution times out | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Dmitri Pal <dpal> |
| Component: | sssd | Assignee: | Stephen Gallagher <sgallagh> |
| Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.3 | CC: | grajaiya, jgalipea, jhrozek, kbanerje, prc |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | sssd-1.8.0-20.el6 | Doc Type: | Bug Fix |
| Doc Text: |
No documentation needed.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-06-20 11:56:28 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Dmitri Pal
2012-03-22 12:58:19 UTC
Please add steps to verify this issue (In reply to comment #1) > Please add steps to verify this issue I'm going to write a unit test that exercises this part of the resolver code. Other than that, setting up a DROP rule on a machine that runs the DNS server should trigger the timeout as well.
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
No documentation needed.
Verified in version: # rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.8.0 Vendor: Red Hat, Inc. Release : 22.el6 Build Date: Mon 09 Apr 2012 07:40:33 PM IST Install Date: Mon 16 Apr 2012 04:57:02 PM IST Build Host: x86-003.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.8.0-22.el6.src.rpm Size : 7870660 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon Steps to verify: 1. Add a drop rule(drop on 53 udp port) on the DNS Server. 2. Lookup a user. With the patched version(1.8.0-22) I see the following in the logs: [resolv_gethostbyname_done] (0x0040): querying hosts database failed [110]: Connection timed out [fo_resolve_service_done] (0x0020): Failed to resolve server 'server1.example.com': Timeout while contacting DNS servers [be_resolve_server_done] (0x0080): Couldn't resolve server (server1.example.com), resolver returned (110) With the unpatched version, the log shows: [resolv_gethostbyname_done] (0x0040): querying hosts database failed [110]: Connection timed out [fo_resolve_service_done] (0x0020): Failed to resolve server 'server1.example.com': Successful completion [be_resolve_server_done] (0x1000): Saving the first resolved server [be_resolve_server_done] (0x0020): FATAL: No hostent available for server (server1.example.com) [be_resolve_server_done] (0x1000): Server resolution failed: 14 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0747.html |