Bug 830206
Summary: | the module needs to ensure it's built against 389-ds-base 1.2.10 or later to have transaction support enabled | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | RHEL Program Management <pm-rhel> |
Component: | slapi-nis | Assignee: | Nalin Dahyabhai <nalin> |
Status: | CLOSED WONTFIX | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 6.2 | CC: | dpal, grajaiya, jgalipea, jpallich, nalin, nkinder, pm-eus, syeghiay |
Target Milestone: | rc | Keywords: | ZStream |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | slapi-nis-0.40-1.el6_3.1 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-06-13 18:55:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 829502 | ||
Bug Blocks: |
Description
RHEL Program Management
2012-06-08 14:35:34 UTC
The test variable is whether or not the server supports transactions. If we test the old version of the package (the 6.2 version: 0.26) with the new version of the directory server (the 6.3 version: 1.2.10 or later), we should see the server deadlock if we modify an entry for which computing the contents of the corresponding synthetic entry requires that we read information from other entries in the directory. In that scenario (say, we modify a group entry, where the compat entry is configured so that it will provide the "uid" values of its members as if they were its own "memberUid" values, so the plugin has to go look at member entries), we should expect a deadlock. If we replace the version of the plugin with one which has transaction support (this update -- note that the original 6.3 update had support for it in the source, but we didn't compile it in properly), that same operation should succeed without a deadlock. reproduced with :: ipa-server-2.2.0-16.el6.i686 slapi-nis-0.40-1.el6.i686 389-ds-base-1.2.10.2-15.el6.i686 command hung and directory server unresponsive and would not start on machine reboot verification attempt with :: ipa-server-2.2.0-16.el6.i686 389-ds-base-1.2.10.2-17.el6_3.i686 slapi-nis-0.40-1.el6_3.1.i686 # ldapmodify -x -D "cn=Directory Manager" -w Secret123 -f /tmp/modifycfg.ldif modifying entry "cn=MemberOf Plugin,cn=plugins,cn=config" # service dirsrv restart Shutting down dirsrv: PKI-IPA... [ OK ] TESTRELM-COM... [ OK ] Starting dirsrv: PKI-IPA... [ OK ] TESTRELM-COM... [ OK ] # ldapsearch -x -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep "schema-compat-entry-attribute: memberUid=" schema-compat-entry-attribute: memberUid=%{memberUid} schema-compat-entry-attribute: memberUid=%deref_r("member","uid") # ldapsearch -x -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep "schema-compat-entry-attribute: memberUid=" schema-compat-entry-attribute: memberUid=%{memberUid} schema-compat-entry-attribute: memberUid=%deref_r("member","uid") # ipa user-add --first=compat1 --last=compat1 compat1 command still hangs and directory server is unresponsive ldapsearch unsuccessful - hangs and /var/log/messages <snip> Jun 13 12:41:02 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:41:32 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:42:02 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:42:32 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:43:02 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:43:32 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:44:02 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:44:32 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter Jun 13 12:45:02 dhcp-187-175 named[31176]: LDAP query timed out. Try to adjust "timeout" parameter </snip> Here's what the current failure looks like: thread 29: add our-postop-add our wrlock succeeds search back-search (database lock blocks) thread 30: modify back-modify (database lock succeeds) memberof-postop-modify modify our-internal-postop-modify our wrlock blocks Transactions will not be supported with 389-ds-base and IPA in RHEL 6.3 and there for the need to build slapi-nis with transaction support is not necessary. Closing this bug WONTFIX for 6.3 and leaving the 6.4 bug open for the support. |