On (18/06/13 11:15), Jakub Hrozek wrote:
>On Tue, Jun 18, 2013 at 10:29:36AM +0200, Lukas Slebodnik wrote:
>> On (17/06/13 19:47), Jakub Hrozek wrote:
>> >On Mon, Jun 17, 2013 at 05:28:17PM +0200, Lukas Slebodnik wrote:
>> >> On (03/06/13 22:41), Jakub Hrozek wrote:
>> >> >On Sat, Jun 01, 2013 at 12:30:47AM -0700, C. S. wrote:
>> >> >> Hi Jakub,
>> >> >>
>> >> >> Enclosed is the squashed patch.
>> >> >>
>> >> >> No worries, re-reading the thread I think I missed a few
things early on.
>> >> >> You were suggesting adding an attribute to handle an alias on
the master
>> >> >> map, which is why rfc2307_autofs_mobject_map and
rfc2307bis_autofs_entry_map
>> >> >> would needed to have been updated(?).
>> >> >>
>> >> >
>> >> >Sorry, I can be very confusing sometimes. I was just pondering two
>> >> >different options -- one was modifying the default_basic_opts[]
array
>> >> >which you did, the other was modifying the mobject and entry maps,
which
>> >> >I realized was the worse option.
>> >> >
>> >> >In the latest patch, there are still additions to
>> >> >rfc2307_autofs_mobject_map and rfc2307bis_autofs_entry_map which
should
>> >> >go away. Can you test the attached patch? It is your patch with
those
>> >> >two extra lines removed. If it works for you, I'll run the
patch by
>> >> >another engineer to be sure (I won't be able to push patch with
my
>> >> >additions myself then) and push.
>> >> >
>> >> >The modified patch is attached.
>> >> >
>> >> >> Also, automounter works fine with different master map names,
we use it in
>> >> >> production without issue at least. It was my understanding
that sssd needs
>> >> >> to know the master map name so that it can expire it from the
cache
>> >> >> properly on updates, is that correct? So in sssd.conf you also
have
>> >> >> ldap_autofs_map_master_name = auto.slave, right?
>> >> >>
>> >> >
>> >> >Yes, correct. I modified both /etc/sysconfig/autofs and sssd.conf
to
>> >> >include the same master map called auto.slave.
>> >> >
>> >> >> Thanks again for your patience, much appreciated. ;-)
>> >> >>
>> >> >
>> >> >Thank you very much for the patch. Once the two additions to
mobject and
>> >> >mentry are removed, I'll simply push the patch. I didn't
mean to confuse
>> >> >you, sorry :)
>> >> >
>> >> >>
>> >> >>
>> >> >>
>> >> >> On Thu, May 30, 2013 at 9:44 AM, Jakub Hrozek
<jhrozek(a)redhat.com> wrote:
>> >> >>
>> >> >> > On Tue, May 28, 2013 at 04:32:00PM -0700, C. S. wrote:
>> >> >> > > (Including once more as an attachment, it looks like
something may have
>> >> >> > > wrapped the lines when I had the patch in the body
of the message.)
>> >> >> > >
>> >> >> > >
>> >> >> > > On Tue, May 28, 2013 at 4:29 PM, C. S.
<csleclish(a)gmail.com> wrote:
>> >> >> > >
>> >> >> > > > Hi Jakub,
>> >> >> > > >
>> >> >> > > > Thanks for the feedback! Very helpful. Looks
like I dropped the LDAP
>> >> >> > map
>> >> >> > > > changes during a merge, that is now included.
And I've removed the
>> >> >> > > > strdup(), whoops! ;-)
>> >> >> > > >
>> >> >> > > > cs
>> >> >> > > >
>> >> >> >
>> >> >> > Hi Cove,
>> >> >> >
>> >> >> > this patch is working for me with a couple of additonal
changes that I
>> >> >> > attach as a mini-patch. If you like, you can squash it
into yours and
>> >> >> > resend, then I think the patch would be good to go.
>> >> >> >
>> >> >> > Basically I think it's enough to have the master map
name defined in the
>> >> >> > LDAP options, not the map and entry option lists. Also
the option lists
>> >> >> > need the objectclass to be the first entry in the map.
>> >> >> >
>> >> >> > Sorry, I think I confused you with my previous e-mail.
>> >> >> >
>> >> >> > With the attached patch on top of yours, I was able to
run automounter
>> >> >> > with a custom master map
(MASTER_MAP_NAME="auto.slave" in
>> >> >> > /etc/sysconfig/autofs) just fine.
>> >> >> >
>> >> >> > Thanks again for the contribution.
>> >> >> >
>> >> >> > _______________________________________________
>> >> >> > sssd-devel mailing list
>> >> >> > sssd-devel(a)lists.fedorahosted.org
>> >> >> >
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
>> >> >> >
>> >> >> >
>> >> >
>> >> >
>> >> >> _______________________________________________
>> >> >> sssd-devel mailing list
>> >> >> sssd-devel(a)lists.fedorahosted.org
>> >> >>
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
>> >> >
>> >>
>> >> I would like to apploligize for late answer, but, I had few problems
with
>> >> autofs configuration.
>> >>
>> >> >From e36d14827fed18e6a633c004996606f6f0b01509 Mon Sep 17 00:00:00
2001
>> >> >From: Cove Schneider <cove(a)ilm.com>
>> >> >Date: Fri, 31 May 2013 23:56:48 -0700
>> >> >Subject: [PATCH] Add ldap_autofs_map_master_name option
>> >> >
>> >> >---
>> >> > src/config/etc/sssd.api.d/sssd-ipa.conf | 1 +
>> >> > src/config/etc/sssd.api.d/sssd-ldap.conf | 1 +
>> >> > src/db/sysdb_autofs.h | 5 +++--
>> >> > src/man/sssd-ldap.5.xml | 13 +++++++++++++
>> >> > src/providers/ad/ad_opts.h | 1 +
>> >> > src/providers/data_provider_be.c | 7 -------
>> >> > src/providers/ipa/ipa_opts.h | 1 +
>> >> > src/providers/ldap/ldap_common.c | 15 +++++++++++++++
>> >> > src/providers/ldap/ldap_common.h | 2 ++
>> >> > src/providers/ldap/ldap_opts.h | 1 +
>> >> > src/providers/ldap/sdap.h | 1 +
>> >> > src/providers/ldap/sdap_autofs.c | 12 ++++++++++++
>> >> > 12 files changed, 51 insertions(+), 9 deletions(-)
>> >> >
>> >> >diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf
b/src/config/etc/sssd.api.d/sssd-ipa.conf
>> >> >index
e6f1bb0a88dd72a5f7bfcb269fa4736e7efd947c..5105a40a629d87a62a21cb6933a758943c1688cc 100644
>> >> >--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
>> >> >+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
>> >> >@@ -162,6 +162,7 @@ ipa_hostgroup_uuid = str, None, false
>> >> >
>> >> > [provider/ipa/autofs]
>> >> > ipa_automount_location = str, None, false
>> >> >+ldap_autofs_map_master_name = str, None, false
>> >> > ldap_autofs_map_object_class = str, None, false
>> >> > ldap_autofs_map_name = str, None, false
>> >> > ldap_autofs_entry_object_class = str, None, false
>> >> >diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf
b/src/config/etc/sssd.api.d/sssd-ldap.conf
>> >> >index
14e979da3413fe575e83b9a508c6cd8029d2bfba..aa521567f3f657885ba8978fdd118174b0ff9b4f 100644
>> >> >--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
>> >> >+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
>> >> >@@ -153,6 +153,7 @@ ldap_sudorule_notafter = str, None, false
>> >> > ldap_sudorule_order = str, None, false
>> >> >
>> >> > [provider/ldap/autofs]
>> >> >+ldap_autofs_map_master_name = str, None, false
>> >> > ldap_autofs_map_object_class = str, None, false
>> >> > ldap_autofs_map_name = str, None, false
>> >> > ldap_autofs_entry_object_class = str, None, false
>> >> >diff --git a/src/db/sysdb_autofs.h b/src/db/sysdb_autofs.h
>> >> >index
e3528ce4e6bd2c8b594c80828cfb02a9a7ce7923..97edaea03179d89d37073df41ca95cd544a53a29 100644
>> >> >--- a/src/db/sysdb_autofs.h
>> >> >+++ b/src/db/sysdb_autofs.h
>> >> >@@ -28,8 +28,9 @@
>> >> > #define AUTOFS_MAP_SUBDIR "autofsmaps"
>> >> > #define AUTOFS_ENTRY_SUBDIR "autofsentries"
>> >> >
>> >> >-#define SYSDB_AUTOFS_MAP_OC "automountMap"
>> >> >-#define SYSDB_AUTOFS_MAP_NAME "automountMapName"
>> >> >+#define SYSDB_AUTOFS_MAP_MASTER_NAME
"automountMapMasterName"
>> >> >+#define SYSDB_AUTOFS_MAP_OC "automountMap"
>> >> >+#define SYSDB_AUTOFS_MAP_NAME
"automountMapName"
>> >> >
>> >> > #define SYSDB_AUTOFS_ENTRY_OC "automount"
>> >> > #define SYSDB_AUTOFS_ENTRY_KEY "automountKey"
>> >> >diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
>> >> >index
37df5ec1b2e0b150b407f5e3e39db21860055580..b06286742577b84c347701ab0cd56c4e661a44c8 100644
>> >> >--- a/src/man/sssd-ldap.5.xml
>> >> >+++ b/src/man/sssd-ldap.5.xml
>> >> >@@ -2169,6 +2169,19 @@ ldap_access_filter =
memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com
>> >> > <para>
>> >> > <variablelist>
>> >> > <varlistentry>
>> >> >+ <term>ldap_autofs_map_master_name
(string)</term>
>> >> >+ <listitem>
>> >> >+ <para>
>> >> >+ The name of the automount master map
in LDAP.
>> >> >+ </para>
>> >> >+ <para>
>> >> >+ Default: auto.master
>> >> >+ </para>
>> >> >+ </listitem>
>> >> >+ </varlistentry>
>> >> >+ </variablelist>
>> >> >+ <variablelist>
>> >> >+ <varlistentry>
>> >> > <term>ldap_autofs_map_object_class
(string)</term>
>> >> > <listitem>
>> >> > <para>
>> >> >diff --git a/src/providers/ad/ad_opts.h
b/src/providers/ad/ad_opts.h
>> >> >index
218614dca82ab1b5a2d54291ead3d9719a4c7e2a..8ce0c475265a8602edea72ecdff18f77f8ecab75 100644
>> >> >--- a/src/providers/ad/ad_opts.h
>> >> >+++ b/src/providers/ad/ad_opts.h
>> >> >@@ -65,6 +65,7 @@ struct dp_option ad_def_ldap_opts[] = {
>> >> > { "ldap_sudo_include_netgroups", DP_OPT_BOOL,
BOOL_TRUE, BOOL_TRUE },
>> >> > { "ldap_sudo_include_regexp", DP_OPT_BOOL,
BOOL_TRUE, BOOL_TRUE },
>> >> > { "ldap_autofs_search_base", DP_OPT_STRING,
NULL_STRING, NULL_STRING },
>> >> >+ { "ldap_autofs_map_master_name", DP_OPT_STRING,
NULL_STRING, NULL_STRING },
>> >> > { "ldap_schema", DP_OPT_STRING, { "ad" },
NULL_STRING },
>> >> > { "ldap_offline_timeout", DP_OPT_NUMBER, { .number =
60 }, NULL_NUMBER },
>> >> > { "ldap_force_upper_case_realm", DP_OPT_BOOL,
BOOL_TRUE, BOOL_FALSE },
>> >> >diff --git a/src/providers/data_provider_be.c
b/src/providers/data_provider_be.c
>> >> >index
cd6715680eb4871806cc5148cecd2e118885a105..11e8979c2afe4bbcad19ef77b241843463e02c58 100644
>> >> >--- a/src/providers/data_provider_be.c
>> >> >+++ b/src/providers/data_provider_be.c
>> >> >@@ -1643,13 +1643,6 @@ static int be_autofs_handler(DBusMessage
*message, struct sbus_connection *conn)
>> >> > goto done;
>> >> > }
>> >> >
>> >> >- /* If a request for auto.master comes in, the automounter
deamon
>> >> >- * has been reloaded. Expire all autofs maps to force reload
>> >> >- */
>> >> >- if (strcmp(be_autofs_req->mapname, "auto.master")
== 0) {
>> >> >- be_autofs_req->invalidate = true;
>> >> >- }
>> >> >-
>> >> > be_req->req_data = be_autofs_req;
>> >> >
>> >> > if (!be_cli->bectx->bet_info[BET_AUTOFS].bet_ops) {
>> >> >diff --git a/src/providers/ipa/ipa_opts.h
b/src/providers/ipa/ipa_opts.h
>> >> >index
4dfa72db430b1d3dfb528cc425c7156baf5ebe47..f8a3bdda0d8b2cc66d40b73dec2aab3b9e65b5d9 100644
>> >> >--- a/src/providers/ipa/ipa_opts.h
>> >> >+++ b/src/providers/ipa/ipa_opts.h
>> >> >@@ -89,6 +89,7 @@ struct dp_option ipa_def_ldap_opts[] = {
>> >> > { "ldap_sudo_include_netgroups", DP_OPT_BOOL,
BOOL_TRUE, BOOL_TRUE },
>> >> > { "ldap_sudo_include_regexp", DP_OPT_BOOL,
BOOL_TRUE, BOOL_TRUE },
>> >> > { "ldap_autofs_search_base", DP_OPT_STRING,
NULL_STRING, NULL_STRING },
>> >> >+ { "ldap_autofs_map_master_name", DP_OPT_STRING,
NULL_STRING, NULL_STRING },
>> >> > { "ldap_schema", DP_OPT_STRING, { "ipa_v1"
}, NULL_STRING },
>> >> > { "ldap_offline_timeout", DP_OPT_NUMBER, { .number =
60 }, NULL_NUMBER },
>> >> > { "ldap_force_upper_case_realm", DP_OPT_BOOL,
BOOL_TRUE, BOOL_TRUE },
>> >> >diff --git a/src/providers/ldap/ldap_common.c
b/src/providers/ldap/ldap_common.c
>> >> >index
acb24b190157efe06967963ad05014cf9017db7f..33faf232bdd13c79c90db76b90fea4770a458a6b 100644
>> >> >--- a/src/providers/ldap/ldap_common.c
>> >> >+++ b/src/providers/ldap/ldap_common.c
>> >> >@@ -407,10 +407,25 @@ int ldap_get_autofs_options(TALLOC_CTX
*memctx,
>> >> > struct sdap_options *opts)
>> >> > {
>> >> > const char *search_base;
>> >> >+ const char *master_map;
>> >> > struct sdap_attr_map *default_entry_map;
>> >> > struct sdap_attr_map *default_mobject_map;
>> >> > int ret;
>> >> >
>> >> >+ /* automount master map name */
>> >> >+ master_map = dp_opt_get_string(opts->basic,
SDAP_AUTOFS_MAP_MASTER_NAME);
>> >> >+ if (master_map == NULL) {
>> >> >+ ret = dp_opt_set_string(opts->basic,
SDAP_AUTOFS_MAP_MASTER_NAME,
>> >> >+ AUTOFS_MAP_MASTER_NAME);
>> >> >+ if (ret != EOK) {
>> >> >+ DEBUG(SSSDBG_OP_FAILURE, ("Could not set autofs
master map name"
>> >> >+ " to default value\n"));
>> >> >+ return ret;
>> >> >+ }
>> >> >+ master_map = dp_opt_get_string(opts->basic,
SDAP_AUTOFS_MAP_MASTER_NAME);
>> >> >+ }
>> >> >+ DEBUG(SSSDBG_FUNC_DATA, ("Option
ldap_autofs_map_master_name set to %s\n", master_map));
>> >> >+
>> >> > /* search base */
>> >> > search_base = dp_opt_get_string(opts->basic,
SDAP_SEARCH_BASE);
>> >> > if (search_base != NULL) {
>> >> >diff --git a/src/providers/ldap/ldap_common.h
b/src/providers/ldap/ldap_common.h
>> >> >index
2d17b755808e58831b458bcc86a50eb74b1f1057..ec48db68a457b9cf4e490b649eaefd0573ad8e71 100644
>> >> >--- a/src/providers/ldap/ldap_common.h
>> >> >+++ b/src/providers/ldap/ldap_common.h
>> >> >@@ -39,6 +39,8 @@
>> >> > #define LDAP_SSL_URI "ldaps://"
>> >> > #define LDAP_LDAPI_URI "ldapi://"
>> >> >
>> >> >+#define AUTOFS_MAP_MASTER_NAME "auto.master"
>> >> >+
>> >> > /* a fd the child process would log into */
>> >> > extern int ldap_child_debug_fd;
>> >> >
>> >> >diff --git a/src/providers/ldap/ldap_opts.h
b/src/providers/ldap/ldap_opts.h
>> >> >index
807716c18244ae70759d9b2eff7e40fd3c634fb2..8d0a5a647f068a01c5170f30a7f6865f7ca5e0c7 100644
>> >> >--- a/src/providers/ldap/ldap_opts.h
>> >> >+++ b/src/providers/ldap/ldap_opts.h
>> >> >@@ -56,6 +56,7 @@ struct dp_option default_basic_opts[] = {
>> >> > { "ldap_sudo_include_netgroups", DP_OPT_BOOL,
BOOL_TRUE, BOOL_TRUE },
>> >> > { "ldap_sudo_include_regexp", DP_OPT_BOOL,
BOOL_TRUE, BOOL_TRUE },
>> >> > { "ldap_autofs_search_base", DP_OPT_STRING,
NULL_STRING, NULL_STRING },
>> >> >+ { "ldap_autofs_map_master_name", DP_OPT_STRING,
NULL_STRING, NULL_STRING },
>> >> > { "ldap_schema", DP_OPT_STRING, {
"rfc2307" }, NULL_STRING },
>> >> > { "ldap_offline_timeout", DP_OPT_NUMBER, { .number =
60 }, NULL_NUMBER },
>> >> > { "ldap_force_upper_case_realm", DP_OPT_BOOL,
BOOL_FALSE, BOOL_FALSE },
>> >> >diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
>> >> >index
162250fff76295807cce0779bebdf88577ed755c..7d2d3f534c04f4a21a920286fa17f199277999e9 100644
>> >> >--- a/src/providers/ldap/sdap.h
>> >> >+++ b/src/providers/ldap/sdap.h
>> >> >@@ -164,6 +164,7 @@ enum sdap_basic_opt {
>> >> > SDAP_SUDO_INCLUDE_NETGROUPS,
>> >> > SDAP_SUDO_INCLUDE_REGEXP,
>> >> > SDAP_AUTOFS_SEARCH_BASE,
>> >> >+ SDAP_AUTOFS_MAP_MASTER_NAME,
>> >> > SDAP_SCHEMA,
>> >> > SDAP_OFFLINE_TIMEOUT,
>> >> > SDAP_FORCE_UPPER_CASE_REALM,
>> >> >diff --git a/src/providers/ldap/sdap_autofs.c
b/src/providers/ldap/sdap_autofs.c
>> >> >index
0bb211aa3e3ae9ec822e117f8febf8378bb09f79..e4ef7257bd251fdf7cc672c7f96bb67e3bc4ff32 100644
>> >> >--- a/src/providers/ldap/sdap_autofs.c
>> >> >+++ b/src/providers/ldap/sdap_autofs.c
>> >> >@@ -30,6 +30,7 @@
>> >> > #include "providers/ldap/sdap.h"
>> >> > #include "providers/ldap/sdap_async.h"
>> >> > #include "providers/dp_backend.h"
>> >> >+#include "providers/data_provider.h"
>> >> > #include "db/sysdb_autofs.h"
>> >> > #include "util/util.h"
>> >> >
>> >> >@@ -82,6 +83,7 @@ void sdap_autofs_handler(struct be_req *be_req)
>> >> > struct sdap_id_ctx *id_ctx;
>> >> > struct be_autofs_req *autofs_req;
>> >> > struct tevent_req *req;
>> >> >+ const char *master_map;
>> >> > int ret = EOK;
>> >> >
>> >> > DEBUG(SSSDBG_TRACE_INTERNAL, ("sdap autofs handler
called\n"));
>> >> >@@ -98,6 +100,16 @@ void sdap_autofs_handler(struct be_req
*be_req)
>> >> > DEBUG(SSSDBG_FUNC_DATA, ("Requested refresh for:
%s\n",
>> >> > autofs_req->mapname ? autofs_req->mapname :
"<ALL>\n"));
>> >> >
>> >> >+ if (autofs_req->mapname != NULL) {
>> >> >+ master_map = dp_opt_get_string(id_ctx->opts->basic,
>> >> >+
SDAP_AUTOFS_MAP_MASTER_NAME);
>> >> ^^^^^^^^^^
>> >> I think, that function dp_opt_get_string can return NULL.
>> >> It would be not good idea to compare NULL with autofs_req->mapname.
>> >
>> >It shouldn't happen but yeah, famous last words :-)
>> >
>> >I agree with Lukas, let's be extra paranoid and also add a NULL check
>> >here. If we ever get a NULL string, we'll just use stale data, nothing
>> >terrible.
>> It is not about to be extra paranoid. I hit this bug, but
>> I forgot to attach back_trace in my previous mail.
>>
>> >
>> >Thank you for testing!
>> >
>> >>
>> >> >+ if (strcmp(master_map, autofs_req->mapname) == 0) {
>> >> >+ autofs_req->invalidate = true;
>> >> >+ DEBUG(SSSDBG_FUNC_DATA, ("Refresh of automount
master map triggered: %s\n",
>> >> >+ autofs_req->mapname));
>> >> >+ }
>> >> >+ }
>> >> >+
>> >> > if (autofs_req->invalidate) {
>> >> > ret =
sysdb_invalidate_autofs_maps(id_ctx->be->domain->sysdb,
>> >> >
id_ctx->be->domain);
>> >> >--
>> >> >1.8.2.1
>>
>> I attach back_trace for record.
>> LS
>
>How did you get into this situation? I thought that the option defaulted
>to "auto.master" even in the map. If not, then I think it should.
Reproducible:
Always
Steps to reproduce:
1. service sssd stop
2. update sssd (sssd with patch)
3. remove cache and logs
4. service sssd start
5. servive autofs restart
^^^^
Result: sssd crashed.
Could be default value in "struct dp_option default_basic_opts[]" ?
Like
{ "ldap_default_authtok_type", DP_OPT_STRING, { "password" },
NULL_STRING},
Yes, we should default to auto.master there.
Cove, would you like us to help you with the patch in any way?