URL: https://github.com/SSSD/sssd/pull/566 Author: sumit-bose Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data Action: opened
PR body: """ nss_clear_netgroup_hash_table() is called during the clearEnumCache SBUS request, which is e.g. used during 'sss_cache -E', to remove netgroup data cached in the memory of the NSS responder.
Currently nss_clear_netgroup_hash_table() calls 'sss_ptr_hash_delete_all(nss_ctx->netgrent, true);' which not only removes all entries in the 'netgerent' hash table but frees them as well.
The second step is not needed because nss_setnetgrent_set_timeout() takes care that the data is freed after a timeout. Additionally freeing the data in nss_clear_netgroup_hash_table() can even do harm when the request is received by the NSS responder while waiting for the backend to acquire the netgroup data. Because if the backend is done the NSS responder tries do use enum_ctx which might have been freed in the meantime.
Because of this nss_clear_netgroup_hash_table() should only remove the data from the hash table but not free it.
Related to https://pagure.io/SSSD/sssd/issue/3731 """
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/566/head:pr566 git checkout pr566
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
fidencio commented: """ @sumit-bose, the patch looks good and the whole explanation makes a lot of sense. Thanks a lot for digging into this issue.
Out of curiosity, have you provided a build for some customer with this patch? """
See the full comment at https://github.com/SSSD/sssd/pull/566#issuecomment-386630945
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
fidencio commented: """ @sumit-bose, the patch looks good and the whole explanation makes a lot of sense. Thanks a lot for digging into this issue.
I'll run our internal CI and get back to it on Monday. """
See the full comment at https://github.com/SSSD/sssd/pull/566#issuecomment-386630945
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
pbrezina commented: """ Just FYI Sumit asked me via mail whether there was any specific reason to use `true` (free objects as well) instead of `false`: there was not. So this patch is good to go. """
See the full comment at https://github.com/SSSD/sssd/pull/566#issuecomment-386638302
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
fidencio commented: """ Okay, I'm just running internal CI for the sake of the process and I'll add the accepted label as soon as I get the results. """
See the full comment at https://github.com/SSSD/sssd/pull/566#issuecomment-386975609
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
fidencio commented: """ CI: http://vm-031.$%7Babc%7D/logs/job/89/00/summary.html
There is an issue on rawhide, but it's not related to this patch. """
See the full comment at https://github.com/SSSD/sssd/pull/566#issuecomment-387001268
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
Label: +Accepted
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
fidencio commented: """ master: b13cc2d
"""
See the full comment at https://github.com/SSSD/sssd/pull/566#issuecomment-387315117
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
Label: +Pushed
URL: https://github.com/SSSD/sssd/pull/566 Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data
Label: -Accepted
URL: https://github.com/SSSD/sssd/pull/566 Author: sumit-bose Title: #566: NSS: nss_clear_netgroup_hash_table() do not free data Action: closed
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/566/head:pr566 git checkout pr566
sssd-devel@lists.fedorahosted.org