[sssd PR#470][opened] IPA: Enable periodic subdomains refresh only after responder-induced refresh finishes
by jhrozek
URL: https://github.com/SSSD/sssd/pull/470
Author: jhrozek
Title: #470: IPA: Enable periodic subdomains refresh only after responder-induced refresh finishes
Action: opened
PR body:
"""
Resolves: https://pagure.io/SSSD/sssd/issue/3601
When the IPA subdomains code is initialized, the responders send a request
to fetch subdomains. This request first stores the list of trusted domains
to the cache and then runs the ipa-getkeytab helper.
At the same time, the periodical task to update the subdomains is also
started. The task founds out that all the trusted domains are already known
and finishes the request, which replies to the Data Provider requests as
well even while the ipa-getkeytab request is still running.
This unblocks requests from the responders, which try to connect to the AD
DCs even before the keytab is available, which switches the SSSD status to
offline.
The fix in this PR is only one of the alternatives. I wonder if it's OK
to rely on the responders to enable the ptask, especially in cases where
all the responders might be socket-activated, so none might be running
on SSSD startup. In this case, we might want to enable the ptask later,
with a delay. On the other hand, this way makes sure that at least one
request from the responder runs to full completion, otherwise we still
might run into the reverse race when the responder request comes into
the middle of the delayed ptask..
In both cases, I think we shouldn't also call the full handler from the
ptask, because the ptask shouldn't ever call the DP reply functions. Instead,
we should split the handler into an internal request and a wrapper around
it that also replies to DP. The ptask should just call the internal request
without replying to anything.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/470/head:pr470
git checkout pr470
6 years, 3 months
Every PR should come with a test.
by Fabiano Fidêncio
People,
Ideally every PR should come with a test (unit, integration, ...), but
unfortunately we're a little bit far from the ideal situation. Thus, I'd
like to ask whether we have documented somewhere (apart from our code
itself) which are the parts of SSSD code that can be easily tested by our
unit and integration tests.
My understanding (and please, correct me if I'm mistaken) is that by having
a updated list of our tests coverage would help any newcomer submitting
something new to the project and also not so experienced reviewers to
easily detect that a PR touching this or that part would need a test
(otherwise we don't even start reviewing the patches).
So, does this list exist somewhere? Would be a fair request to create this
list and have it linked to our "Contribute" page?
Best Regards,
--
Fabiano Fidêncio
6 years, 3 months
[sssd PR#477][opened] SYSDB: Return EOK in case a non-fatal issue happened
by fidencio
URL: https://github.com/SSSD/sssd/pull/477
Author: fidencio
Title: #477: SYSDB: Return EOK in case a non-fatal issue happened
Action: opened
PR body:
"""
There may be the case where we aren't able to merge the timestamps from
the fast ts db, which are treated as non-fatal issues. In case it
happens, let's return EOK instead of propagating the non-fatal error.
NOTE: I'm not sure whether it's an issue or not, but I've realized that while taking a look at a covscan issue found downstream.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/477/head:pr477
git checkout pr477
6 years, 3 months
