Bug 1490501 – sssd incorrectly checks 'try_inotify' thinking it is the wrong section

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1490501 - sssd incorrectly checks 'try_inotify' thinking it is the wrong section

Summary:	sssd incorrectly checks 'try_inotify' thinking it is the wrong section

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	sssd (Show other bugs)
Sub Component:
Version:	7.3
Hardware:	All All

Priority	low Severity low
Target Milestone:	rc
Target Release:	---
Assigned To:	SSSD Maintainers
QA Contact:	Amith
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2017-09-11 15:18 EDT by Eugene Keck
Modified:	2018-05-29 05:01 EDT (History)
CC List:	9 users (show)

See Also:
Fixed In Version:	sssd-1.16.0-1.el7
Doc Type:	If docs needed, set a value
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2018-04-10 13:16:19 EDT
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
CentOS	13788	None	None	None	2017-09-11 15:19 EDT
Red Hat Product Errata	RHEA-2018:0929	None	None	None	2018-04-10 13:17 EDT

Groups: None (edit)

Description Eugene Keck 2017-09-11 15:18:31 EDT

Description of problem:
[rule/allowed_sssd_options]: Attribute 'try_inotify' is not allowed in section 'sssd'. Check for typos.

Version-Release number of selected component (if applicable):
sssd-1.15.2-50.el7

How reproducible:
Always

Steps to Reproduce:
1. add try_inotify option to the [sssd] section

Actual results:
(Mon Sep 11 15:02:52:190955 2017) [sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'try_inotify' is not allowed in section 'sssd'. Check for typos.

Additional info:
It does correctly set the option.

[sssd]
services = sudo, nss, ifp, pam, ssh
domains = example.local
try_inotify = false

(Mon Sep 11 15:02:52:190955 2017) [sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'try_inotify' is not allowed in section 'sssd'. Check for typos.
(Mon Sep 11 15:02:52:191688 2017) [sssd] [sss_confdb_create_ldif] (0x0400): Processing attribute [try_inotify]
(Mon Sep 11 15:02:52:191706 2017) [sssd] [sss_confdb_create_ldif] (0x4000): try_inotify: false


[sssd]
services = sudo, nss, ifp, pam, ssh
domains = example.local
try_inotify = true

(Mon Sep 11 15:05:02:859450 2017) [sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'try_inotify' is not allowed in section 'sssd'. Check for typos.
(Mon Sep 11 15:05:02:860188 2017) [sssd] [sss_confdb_create_ldif] (0x0400): Processing attribute [try_inotify]
(Mon Sep 11 15:05:02:860206 2017) [sssd] [sss_confdb_create_ldif] (0x4000): try_inotify: true

Comment 2 Jakub Hrozek 2017-09-12 02:45:40 EDT

Upstream ticket:
https://pagure.io/SSSD/sssd/issue/3511

Comment 3 Lukas Slebodnik 2017-09-13 04:18:38 EDT

master:
* 895584001760e8188db486bc39f9938624822d35

sssd-1-14:
* 69e61a52493a8c143f83763c2dd783cabea5c9f4

Comment 5 Amith 2017-11-30 11:11:37 EST

Verified the bug on SSSD Version : sssd-1.16.0-7.el7.x86_64

Steps followed during verification:

1. Install an older sssd build, for example sssd-1.15.2-50.el7_4.8, to reproduce the problem.

2. Configure sssd.conf as follows:

[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP
debug_level = 0xFFF0
try_inotify = false

[pam]

[domain/LDAP]
debug_level = 0xFFF0
id_provider = ldap
ldap_uri = ldap://hubcap.lab.eng.pnq.redhat.com
ldap_search_base = dc=example,dc=com
ldap_tls_cacert = /etc/openldap/certs/cacert.asc

3. Start SSSD service and grep for inotify in sssd.log file. You should see the typo error.

# grep inotify sssd.log
[sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'try_inotify' is not allowed in section 'sssd'. Check for typos.
[sssd] [sss_ini_call_validators] (0x0020): [rule/allowed_sssd_options]: Attribute 'try_inotify' is not allowed in section 'sssd'. Check for typos.

4. Upgrade SSSD to the latest version and restart sssd service.

# rpm -q sssd
sssd-1.16.0-7.el7.x86_64

5. Repeat the grep command and the typo error vanished.

# grep inotify sssd.log
[sssd] [snotify_watch] (0x2000): Opened inotify fd 0
[sssd] [_snotify_create] (0x0400): Added a watch for /etc/resolv.conf with inotify flags 0x8D88 internal flags 0x1 using function resolv_conf_inotify_cb after delay 1.0
[sssd] [watch_ctx_destructor] (0x2000): Closing inotify fd 0

Comment 8 errata-xmlrpc 2018-04-10 13:16:19 EDT

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:0929

Note You need to log in before you can comment on or make changes to this bug.