Hide Forgot
This bug is created as a clone of upstream ticket: https://fedorahosted.org/sssd/ticket/1274 When name resolution times out, the errno return code is 110 (which is correct = ETIMEDOUT), but the resolv_status is 0. This is wrong. We should probably rely mostly on the errno return code and only treat the resolv_status, which is the original ares return code, as kind of extended information, also because in the future we might switch to a different resolver with different error codes.
Please add steps to verify this issue
(In reply to comment #1) > Please add steps to verify this issue I'm going to write a unit test that exercises this part of the resolver code. Other than that, setting up a DROP rule on a machine that runs the DNS server should trigger the timeout as well.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: No documentation needed.
Verified in version: # rpm -qi sssd | head Name : sssd Relocations: (not relocatable) Version : 1.8.0 Vendor: Red Hat, Inc. Release : 22.el6 Build Date: Mon 09 Apr 2012 07:40:33 PM IST Install Date: Mon 16 Apr 2012 04:57:02 PM IST Build Host: x86-003.build.bos.redhat.com Group : Applications/System Source RPM: sssd-1.8.0-22.el6.src.rpm Size : 7870660 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://fedorahosted.org/sssd/ Summary : System Security Services Daemon Steps to verify: 1. Add a drop rule(drop on 53 udp port) on the DNS Server. 2. Lookup a user. With the patched version(1.8.0-22) I see the following in the logs: [resolv_gethostbyname_done] (0x0040): querying hosts database failed [110]: Connection timed out [fo_resolve_service_done] (0x0020): Failed to resolve server 'server1.example.com': Timeout while contacting DNS servers [be_resolve_server_done] (0x0080): Couldn't resolve server (server1.example.com), resolver returned (110) With the unpatched version, the log shows: [resolv_gethostbyname_done] (0x0040): querying hosts database failed [110]: Connection timed out [fo_resolve_service_done] (0x0020): Failed to resolve server 'server1.example.com': Successful completion [be_resolve_server_done] (0x1000): Saving the first resolved server [be_resolve_server_done] (0x0020): FATAL: No hostent available for server (server1.example.com) [be_resolve_server_done] (0x1000): Server resolution failed: 14
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0747.html