Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1157757 - When using slapi-nis to provide access to AD users to legacy clients, 389-ds threads lock on access to getgrgid_r()
When using slapi-nis to provide access to AD users to legacy clients, 389-ds ...
Status: CLOSED DUPLICATE of bug 1202996
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: slapi-nis (Show other bugs)
7.0
x86_64 Linux
unspecified Severity high
: rc
: ---
Assigned To: Alexander Bokovoy
Namita Soman
Tomas Capek
:
Depends On:
Blocks: 1180596 1205796 1133060 1168850 1179458 1182933 1185286 1187501 1189279
  Show dependency treegraph
 
Reported: 2014-10-27 11:50 EDT by Konstantin Lepikhov
Modified: 2015-08-13 22:48 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Known Issue
Doc Text:
When the Schema Compatibility plug-in is configured to provide Active Directory (AD) users access to legacy clients using the Identity Management (IdM) cross-forest trust to AD, the 389 Directory Server can under certain conditions increase CPU consumption upon receiving a request to resolve complex group membership of an AD user.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-26 17:27:26 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Konstantin Lepikhov 2014-10-27 11:50:28 EDT 
Description of problem:

Originally spotted in #sfdc case 01190699

Attaching strace, pstack from ns-ldap server and logs from RHEL5.

Version-Release number of selected component (if applicable):
slapi-nis-0.52-6.el7_0

How reproducible:
In customer environment

Actual results:
ns-ldapd consume 100% CPU

Expected results:
we need a mechanism to filter/cache such requests in glibc and not abuse nss_file.
Comment 11 Alexander Bokovoy 2015-02-18 10:41:57 EST 
Yes.
Comment 15 Alexander Bokovoy 2015-03-26 16:18:29 EDT 
This bug is fixed with bug 1202995 and https://rhn.redhat.com/errata/RHSA-2015-0728.html in RHEL 7.1.z
Comment 16 Dmitri Pal 2015-03-26 17:27:26 EDT 

*** This bug has been marked as a duplicate of bug 1202996 ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.