Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1506682 - sssd_client: add mutex protected call to the PAC responder [rhel-7.4.z]
sssd_client: add mutex protected call to the PAC responder [rhel-7.4.z]
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd (Show other bugs)
7.4
Unspecified Unspecified
high Severity high
: rc
: ---
Assigned To: SSSD Maintainers
Nikhil Dehadrai
: ZStream
Depends On: 1461462
Blocks:
  Show dependency treegraph
 
Reported: 2017-10-26 10:27 EDT by Oneata Mircea Teodor
Modified: 2017-12-05 05:51 EST (History)
23 users (show)

See Also:
Fixed In Version: sssd-1.15.2-50.el7_4.7
Doc Type: Bug Fix
Doc Text:
Previously, the calls provided by SSSD to send data to the Privilege Attribute Certificate (PAC) responder did not use a mutex or any other means to serialize access to the PAC responder from a single process. When multithreaded applications overran the PAC responder with multiple parallel requests, some threads did not receive a proper reply. Consequently, such threads only resumed work after waiting 5 minutes for a response. This update configures mutex to serialize access to the PAC responder socket for multithreaded applications. As a result, all threads now get a proper and timely reply.
Story Points: ---
Clone Of: 1461462
Environment:
Last Closed: 2017-12-05 05:51:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:3379 normal SHIPPED_LIVE Moderate: sssd security and bug fix update 2017-12-05 01:11:14 EST

  None (edit)
Description Oneata Mircea Teodor 2017-10-26 10:27:26 EDT 
This bug has been copied from bug #1461462 and has been proposed to be backported to 7.4 z-stream (EUS).
Comment 3 Nikhil Dehadrai 2017-11-13 05:33:22 EST 
IPA-server: ipa-server-4.5.0-22.el7_4.x86_64
sssd version: sssd-ipa-1.15.2-50.el7_4.8.x86_64


Verified the bug with following tests/ observations:
1. Tested that the sanity test suite for IPA-Trust Functional-ssh runs successfully.
2. Tested that the sanity test suite for IPA-Trust Functional-sudo runs successfully.
3. Tested that the sanity test suite for IPA-Trust Functional-user runs successfully.


Thus marking the status of bug to "VERIFIED", based on above observations.
Comment 11 errata-xmlrpc 2017-12-05 05:51:36 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:3379
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.