This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 645437 - NSS responder dies if DP dies during a request
NSS responder dies if DP dies during a request
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sssd (Show other bugs)
5.6
All All
low Severity medium
: rc
: ---
Assigned To: Stephen Gallagher
Chandrasekar Kannan
:
Depends On: 645434 645438
Blocks: 640580
  Show dependency treegraph
 
Reported: 2010-10-21 09:48 EDT by Stephen Gallagher
Modified: 2015-01-04 18:44 EST (History)
7 users (show)

See Also:
Fixed In Version: sssd-1.2.1-35.el5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 645434
Environment:
Last Closed: 2011-01-13 17:37:25 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Stephen Gallagher 2010-10-21 09:48:54 EDT
+++ This bug was initially created as a clone of Bug #645434 +++

Description of problem:
If a data provider dies during a NSS request the NSS responder dies if the timeout of the open and unhandled requests is reached.

Version-Release number of selected component (if applicable):
At least sssd-1.2 and above

How reproducible:
There is no know error in the LDAP provider which can be used to trigger this issue, so the sssd_be process must be killed manually. 

Steps to Reproduce:
1. Configure sssd with id_provider=ldap.
2. Choose a slow LDAP server and a very large group or find some other way to make the LDAP request last long.
3. getent group very_large_group
4. kill sssd_be immediatly after calling getent
5. wait until the timeout is reached (couple of minutes)
  
Actual results:
NSS responder dies.

Expected results:
NSS responder returns an error to the client.

Additional info:
The upstream bug can be found here: https://fedorahosted.org/sssd/ticket/654
Comment 2 Jenny Galipeau 2010-11-12 08:27:51 EST
QE and Dev has spent days trying to reproduce and verify this bug.  It is extremely hard to do.  Development has been successful a few times, but very inconsistently.  Given the nature of the bug, It's not a very complicated fix, and from an engineering perspective it's more or less obvious.  Since, this fix has not caused any regressions in all automated and manual testing, will mark bug verified.
Comment 4 errata-xmlrpc 2011-01-13 17:37:25 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0044.html

Note You need to log in before you can comment on or make changes to this bug.