[PATCH] Don't use negative cache in netgroup lookup
by Jan Zelený
In responder a negative cache is used to indicate that the record has
not been found by previous lookup. This approach is however not
applicable for netgroup lookup because the design of their lookup is a
little different.
This patch removes some pieces of code working with negative cache,
because they didn't fuction well. Instead a new flag has been added to
the positive cache. This flag indicates if the record in the cache
is a record of existing netgroup or it's just a placeholder.
https://fedorahosted.org/sssd/ticket/820
Jan
13 years
Announcing the release of SSSD 1.5.6
by Stephen Gallagher
The SSSD team is proud to announce the release of the version 1.5.6
bugfix release of the System Security Services Daemon. This release
fixes a few serious issues and is a recommended update for all users of
the 1.5.x series.
As always, it can be downloaded at https://fedorahosted.org/sssd
== Highlights ==
* Fixed a serious memory leak in the memberOf plugin
* Fixed a regression with the negative cache that caused it to be
essentially nonfunctional
* Fixed an issue where the user's full name would sometimes be removed
from the cache
* Fixed an issue with password changes in the kerberos provider not
working with kpasswd
== Detailed Changelog ==
Simo Sorce (2):
* memberof: fix calculation of replaced members
* memberof: free delete operation payload once done
Stephen Gallagher (7):
* Never remove gecos from the sysdb cache
* Do not throw a DP error when failing to delete a nonexistent entity
* Add debug logging to the negative cache
* Fix a regression with the negative cache in multi-domain
configurations
* Fix regression where nonexistent entries were never added to the
negative cache
* Bumping version to 1.5.6
* Always generate kpasswdinfo file
13 years
[PATCHES] Fix regressions in the negative cache
by Stephen Gallagher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Patch 0001: Add debug logging to the negative cache
Patch 0002: If a fully-qualified user or group was specified, we were
falling through to a remote lookup regardless of the return value of the
negative cache check. This patch ensures that we return ENOENT.
Patch 0003: We were never adding new negative cache entries on failure
because we were continuing on to the next domain in the chain before
calling sss_ncache_set_*(). This patch ensures that we set the negative
cache for the current domain appropriately.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2oSdUACgkQeiVVYja6o6P8qwCePyCGuPsj4cn1cJ9+qWo9GgKa
qfIAoJpIjKtwu34aC2es0L4xUdZBMXMq
=RuFW
-----END PGP SIGNATURE-----
13 years
[PATCH] Do not throw a DP error when failing to delete a nonexistent user
by Stephen Gallagher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
When processing a request for a nonexistent user, we were returning a DP
error when sysdb_delete_user() or sysdb_delete_group() returned ENOENT.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2oSOsACgkQeiVVYja6o6OdTACeNuMEnVF/xbNRE4c+UWoSBN01
748Aniic1Gjn8NtiV3JK+0cUKLTOKfDF
=QZum
-----END PGP SIGNATURE-----
13 years
[PATCHES] Fixes for sysdb_domain_init_internal()
by Stephen Gallagher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Patch 0001: Don't leak memory if sysdb_domain_init() fails
This patch ensures we clean up the memory for the sysdb_ctx if we exit
on failure.
Patch 0002: Run all appropriate upgrades
Previously, if we were upgrading from version 0.4 or older, we
would only run sysdb_upgrade_04() and exit, instead of also
running sysdb_upgrade_05().
Patch 0003: Reopen the LDB after modifying it
If we change any of the special entries such as indexes or plugins,
we need to close and reopen the LDB to ensure that they take effect.
Note: Patch 0003 was still safe in the SSSD daemon right now, as we
always pre-create the sysdb caches in the monitor and close it before
the backends start, but it was causing some trouble with the tests if we
were only running a subset that required memberOf.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk2mBVcACgkQeiVVYja6o6NtsQCgkTHJoJIexCFxl/1AwGw4R3uI
wTQAmgOffeltYDkff4b1roqiJOBu91cr
=kbIH
-----END PGP SIGNATURE-----
13 years