Bug 962576

Summary: PassSync fails to open changelog
Product: Red Hat Enterprise Linux 7 Reporter: Noriko Hosoi <nhosoi>
Component: 389-ds-baseAssignee: Rich Megginson <rmeggins>
Status: CLOSED NOTABUG QA Contact: Sankar Ramalingam <sramling>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.0   
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-05-13 23:22:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Noriko Hosoi 2013-05-13 23:06:14 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/47353

We have seen some instances of PassSync failing to open it's changelog (passhook.dat) even though it exists.  In the PassSync log, you will see looping messages like this:

  04/21/13 18:02:49: No entries yet
  04/22/13 05:55:49: No entries yet
  04/22/13 06:11:24: No entries yet
  04/22/13 06:47:02: No entries yet
  04/22/13 07:51:44: No entries yet

If you look in the PassSync code, this message only occurs when we attempt to run SyncPasswords(), which is only executed on start-up, or when we receive a notification from passhook.dll.  The fact that this message loops without PassSync restarting means that passhook.dll is writing changes to the changelog and properly notifying PassSync that we need to process the changes.  If you trace the code further, you will see that "No entries yet" only occurs when loadSet() returns 1.  The loadSet() function only returns 1 when the open() fails with ENOENT.

When this problem happens, we know that the changelog file exists since passhook.dll is writing changes there and notifying us.  This leads me to believe that PassSync is using an incorrect filename when it tries to open the changelog.  The filename is built up dynamically when PassSync is started.  It is made of of the "%SystemRoot%" environment variable plus a hard coded path:

  ExpandEnvironmentStrings("%SystemRoot%", sysPath, SYNCSERV_BUF_SIZE);
  _snprintf(dataFilename, SYNCSERV_BUF_SIZE, "%s\\system32\\passhook.dat", sysPath);

I believe that "%SystemRoot%" is not being properly expanded when this problem occurs, but I'm not sure what triggers this to happen.  Regardless, I think we need to handle things better when this expansion fails.  If we can't expand this variable, we should probably fail to start the PassSync service.  It would also be helpful to log the filename we are using when we encounter a problem like the ENOENT error.