1256518 – database cleanup/expire procedure

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1256518 - database cleanup/expire procedure

Summary: database cleanup/expire procedure

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ipsilon
Sub Component:
Version:	7.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Rob Crittenden
QA Contact:	Namita Soman
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1265261 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-08-24 19:57 UTC by Nathan Kinder
Modified:	2015-11-19 10:50 UTC (History)
CC List:	4 users (show)
Fixed In Version:	ipsilon-1.0.0-11.el7
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-11-19 10:50:57 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2015:2319	0	normal	SHIPPED_LIVE	new packages: ipsilon	2015-11-19 10:06:13 UTC

Description Nathan Kinder 2015-08-24 19:57:06 UTC

This bug is created as a clone of upstream ticket:
https://fedorahosted.org/ipsilon/ticket/155

Currently on the saml2 session database has a background task for cleanup. A generic mechanism is needed to clean up/expire old entries across any database.

The default should be to do nothing as some (e.g. config) don't need cleanup.

Comment 3 Patrick Uiterwijk 2015-09-06 17:11:39 UTC

This has been fixed upstream in the following commits:
Framework: 1e985d549481a2ca0e03440e410912b4e2b49271
TranStore: 2b17119bb97eba45030d18f590624c2b2a9f257e
Sessions: 24fa1f2acd9cb84342064ec59b311968353fd0ae
OpenIDStore: 11bbbe3ac6a0842599ab2e5110427758ebaa5573

Comment 6 Patrick Uiterwijk 2015-09-22 16:32:40 UTC

*** Bug 1265261 has been marked as a duplicate of this bug. ***

Comment 7 Jan Pazdziora (Red Hat) 2015-09-23 06:16:33 UTC

Per bug 1265261, things are broken in ipsilon-1.0.0-10 so this bugzilla should likely be in ASSIGNED, for fix in the backport.

Comment 9 Scott Poore 2015-10-14 17:43:33 UTC

Verified.

Version ::

ipsilon-1.0.0-12.el7.noarch

Results ::

I installed IPA Server and 2 clients.  1 IPA client setup as IDP server and the other setup as SP.

Create a user and login to a third IPA client workstation with X.  Configure firefox for kerberos for the IPA domain.

Setup IDP debug logging:

/etc/ipsilon/idp/ipsilon.conf
[global]
debug = True
tools.log_request_response.on = True
...
db.conn.log = True
log.screen = True
...

Then connect via GSSAPI from workstation as user to SP.  Check logs on IDP for scheduled cleanups:

[Wed Oct 14 11:09:53.937544 2015] [:error] [pid 11211] [14/Oct/2015:11:09:53] ENGINE Started monitor thread 'Session cleanup'.
...
[Wed Oct 14 11:09:53.942111 2015] [:error] [pid 11211] [14/Oct/2015:11:09:53]  DEBUG(ipsilon/util/data.py:317 TranStore._schedule_cleanup()): Scheduling cleanups for TranStore
...
[Wed Oct 14 11:10:53.971045 2015] [:error] [pid 11211] [14/Oct/2015:11:10:53]  DEBUG(ipsilon/util/data.py:345 SAML2SessionStore._maybe_run_cleanup()): Cleaned up 0 entries for SAML2SessionStore

Comment 10 errata-xmlrpc 2015-11-19 10:50:57 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2015-2319.html

Note You need to log in before you can comment on or make changes to this bug.