Bug 814269
Summary: | sssd-1.5.1-66.el6_2.3.x86_64 freezes | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Taunus <codezilla> | |
Component: | sssd | Assignee: | Stephen Gallagher <sgallagh> | |
Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> | |
Severity: | high | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 6.2 | CC: | andias, cory.meyer, grajaiya, jgalipea, kbanerje, prc | |
Target Milestone: | rc | |||
Target Release: | --- | |||
Hardware: | x86_64 | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | sssd-1.8.0-22.el6 | Doc Type: | Bug Fix | |
Doc Text: |
Cause: The openldap client libraries (used by SSSD) do not time out properly if communication with an LDAP server would DROP packets instead of REJECTing them.
Consequence: SSSD would hang and never respond to requests.
Fix: SSSD added a timer to ensure that connections are given up on after a reasonable time.
Result: SSSD no longer hangs, unresponsive if the LDAP server is not responding.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1291709 (view as bug list) | Environment: | ||
Last Closed: | 2012-06-20 11:56:47 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1291709 |
Description
Taunus
2012-04-19 13:51:36 UTC
This was fixed upstream as commit https://fedorahosted.org/sssd/changeset/5bf2314b9f64099cd4e88b8f3498d986d97e1ac6/ included in SSSD 1.7.0 and 1.8.0. Do you know when the fixed version will be available on rhel? (In reply to comment #3) > Do you know when the fixed version will be available on rhel? It will be fixed in RHEL 6.3, the beta of which should be released fairly soon. Just downloaded sssd rhel beta packages. The beta package version is sssd-1.8.0-22.el6 and the fixed packages in the bug says sssd-1.8.0-23.el6. (In reply to comment #7) > Just downloaded sssd rhel beta packages. The beta package version is > sssd-1.8.0-22.el6 and the fixed packages in the bug says sssd-1.8.0-23.el6. Yes, sorry. Apparently the RHEL beta shipped with -22. This is fixed and ready for the final release. If you contact your support rep, they may be able to provide you with the newer build. Actually, I correct that. It looks like the package version is incorrect above. It should already be fixed in -22 (I need to read more carefully). Correcting the FixedIn version. Ok, I've tested the new packages a bit and sssd-1.8.0-22.el6 works much better than the sssd-1.5.1-66 Verified with version: # rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.8.0 Vendor: Red Hat, Inc. Release : 23.el6 Build Date: Fri 20 Apr 2012 11:30:39 PM IST Install Date: Wed 25 Apr 2012 07:28:48 PM IST Build Host: x86-003.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.8.0-23.el6.src.rpm Size : 7874744 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon Verification steps ( The delay is of 6 seconds now): # iptables -I OUTPUT -d ipaserver.example.com -j DROP # date;id kau1;date Fri Apr 20 16:15:14 IST 2012 id: kau1: No such user Fri Apr 20 16:15:20 IST 2012 Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: The openldap client libraries (used by SSSD) do not time out properly if communication with an LDAP server would DROP packets instead of REJECTing them. Consequence: SSSD would hang and never respond to requests. Fix: SSSD added a timer to ensure that connections are given up on after a reasonable time. Result: SSSD no longer hangs, unresponsive if the LDAP server is not responding. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0747.html Is this bug going to be fixed for RHEL5 sssd packages? |