Bug 876531 - sss_cache does not work for automount maps
Summary: sss_cache does not work for automount maps
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd
Version: 6.4
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
URL:
Whiteboard:
Depends On:
Blocks: 895654
TreeView+ depends on / blocked
 
Reported: 2012-11-14 11:00 UTC by Ondrej Valousek
Modified: 2020-05-02 17:02 UTC (History)
5 users (show)

Fixed In Version: sssd-1.9.2-51.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Clone Of:
Environment:
Last Closed: 2013-02-21 09:40:14 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github SSSD sssd issues 2634 0 None None None 2020-05-02 17:02:16 UTC
Red Hat Product Errata RHSA-2013:0508 0 normal SHIPPED_LIVE Low: sssd security, bug fix and enhancement update 2013-02-20 21:30:10 UTC

Description Ondrej Valousek 2012-11-14 11:00:10 UTC
Description of problem:

It should be possible to expire automount maps cache in sssd using either:
sss_cache -a or sss_cache -A.
However this does not work.

Version-Release number of selected component (if applicable):
9.2.7

How reproducible:
always

Steps to Reproduce:
1. Configure sssd & automounter to store automount maps in LDAP using the article: https://fedoraproject.org/wiki/Features/SSSDAutoFSSupport
2. change (create/delete) some map on the ldap server
3. on the client run sss_cache -A
4. on the client run automount -m to see if the change is visible by the automounter
  
Actual results:

automount -m output does not show any change

Expected results:

automount -m should display the current automount maps

Comment 2 Jakub Hrozek 2012-11-15 13:36:09 UTC
I suspect that this is the same root cause as https://fedorahosted.org/sssd/ticket/1592

Comment 3 Ondrej Valousek 2012-11-16 08:34:29 UTC
No, it is not - it is a completely different issue. sss_cache should work no matter which map (does not have to be auto.master) we talk about - and should cause that the map in question (see the -a parameter) is re-read from the data provider next time autofs asks for it.

Comment 5 Ondrej Valousek 2012-12-27 09:49:36 UTC
Tested sssd-1.9.2-6.upstream_1_9_3.el6_3.x86_64 - it seems that this release is not caching automount maps at all - i.e. after invoking command 'automount -m' sssd always produces a new ldap query to the server.

I guess this not a normal behavior, right?

Comment 6 Jakub Hrozek 2013-01-02 14:20:40 UTC
(In reply to comment #5)
> Tested sssd-1.9.2-6.upstream_1_9_3.el6_3.x86_64 - it seems that this release
> is not caching automount maps at all - i.e. after invoking command
> 'automount -m' sssd always produces a new ldap query to the server.
> 
> I guess this not a normal behavior, right?

It is, automount -m always requests auto.master which is always reread from LDAP. See #870045 for instance. With the previous version of caching, the admins were getting confused as they were used to change a map, restart autofs and see updated results.

Comment 7 Kaushik Banerjee 2013-01-27 15:13:01 UTC
Verified in version 1.9.2-82

Output of beaker automation run:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: autofs13 - BZ876531 and 894428 - sss_cache does not work for automount maps
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Sleeping for 5 seconds
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.master dataExpireTimestamp | grep dataExpireTimestamp: | grep -w -v 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.direct dataExpireTimestamp | grep dataExpireTimestamp: | grep -w -v 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.home dataExpireTimestamp | grep dataExpireTimestamp: | grep -w -v 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share1 dataExpireTimestamp | grep dataExpireTimestamp: | grep -w -v 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share2 dataExpireTimestamp | grep dataExpireTimestamp: | grep -w -v 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share3 dataExpireTimestamp | grep dataExpireTimestamp: | grep -w -v 1'
:: [   PASS   ] :: Running 'sss_cache -A --domain=LDAP'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.master dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.direct dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.home dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share1 dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share2 dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share3 dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   LOG    ] :: automount -m
:: [   LOG    ] :: Modify a direct map
:: [   PASS   ] :: Running 'sss_cache -a auto.direct'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.direct dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.master dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.home dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share1 dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share2 dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share3 dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   LOG    ] :: automount -m
:: [   PASS   ] :: File '/var/log/sssd/sssd_LDAP.log' should contain 'nfsserver.example.com:/export/projects_old'
:: [   PASS   ] :: Running 'sss_cache -a auto.share1 --domain=LDAP'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.direct dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.master dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.home dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share1 dataExpireTimestamp | grep dataExpireTimestamp: | grep -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share2 dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   PASS   ] :: Running 'ldbsearch -H /var/lib/sss/db/cache_LDAP.ldb name=auto.share3 dataExpireTimestamp | grep dataExpireTimestamp: | grep -v -w 1'
:: [   LOG    ] :: automount -m
:: [   PASS   ] :: File '/var/log/sssd/sssd_LDAP.log' should contain 'nfsserver.example.com:/export/shared1/key_new'
:: [   LOG    ] :: Duration: 18s
:: [   LOG    ] :: Assertions: 29 good, 0 bad
:: [   PASS   ] :: RESULT: autofs13 - BZ876531 and 894428 - sss_cache does not work for automount maps

Comment 8 errata-xmlrpc 2013-02-21 09:40:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html


Note You need to log in before you can comment on or make changes to this bug.