6:07 a.m.
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: opened
PR body:
"""
This PR adds several patches that let the user configure quotas to store
their ccaches.
Please see the commit messages, I hope they are verbose enough. One thing
that should be pointed out is that the global number of ccaches is explicitly
unlimited. Does anyone see an issue with just enforcing the per-UID limits?
An upcoming PR(s) would implement warning when the quota is being exceeded
and a sssctl command to let the administrator display the quota taken.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
7:18 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
retest this please
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-444096360
3:35 p.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
3:35 p.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
The test failed because of pep8 failures in the test. Now it will hopefully come back
clean.
Still looking for a reviewer..
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-445982591
6:25 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
retest this please
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-446184702
8:11 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
I still need to amend the tests:
```
=========================== short test summary info ============================
FAIL test_kcm.py::test_kcm_secrets_quota
FAIL test_secrets.py::test_global_quota
=================================== FAILURES ===================================
____________________________ test_kcm_secrets_quota ____________________________
Traceback (most recent call last):
File
"/var/lib/jenkins/workspace/ci/label/fedora28/src/tests/intg/test_kcm.py", line
555, in test_kcm_secrets_quota
cli.set_secret(str(MAX_SECRETS), sec_value)
File "/usr/lib/python2.7/site-packages/_pytest/python_api.py", line 627, in
__exit__
fail(self.message)
File "/usr/lib/python2.7/site-packages/_pytest/outcomes.py", line 92, in
fail
raise Failed(msg=msg, pytrace=pytrace)
Failed: DID NOT RAISE <class 'requests.exceptions.HTTPError'>
______________________________ test_global_quota _______________________________
Traceback (most recent call last):
File
"/var/lib/jenkins/workspace/ci/label/fedora28/src/tests/intg/test_secrets.py",
line 480, in test_global_quota
run_quota_test(cli, 10, 2)
File
"/var/lib/jenkins/workspace/ci/label/fedora28/src/tests/intg/test_secrets.py",
line 429, in run_quota_test
cli.set_secret(str(max_secrets), sec_value)
File "/usr/lib/python2.7/site-packages/_pytest/python_api.py", line 627, in
__exit__
fail(self.message)
File "/usr/lib/python2.7/site-packages/_pytest/outcomes.py", line 92, in
fail
raise Failed(msg=msg, pytrace=pytrace)
Failed: DID NOT RAISE <class 'requests.exceptions.HTTPError'>
```
I have no idea why didn't the sssd-ci tests catch this...maybe somethng for @pbrezina
to look at?
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-446215481
8:15 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
I'm adding changes requested, but since the issue is 'only' in tests, I would
still appreciate a review
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-446216805
8:15 a.m.
New subject: [sssd PR#705][+Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: +Changes requested
2:57 p.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
OK, I'll squash this diff:
```
diff --git a/src/responder/secrets/secsrv.c b/src/responder/secrets/secsrv.c
index b18bbfd19..e783e231d 100644
--- a/src/responder/secrets/secsrv.c
+++ b/src/responder/secrets/secsrv.c
@@ -98,9 +98,6 @@ static int sec_get_config(struct sec_ctx *sctx)
sctx->max_payload_size = 1;
/* Read the global quota first -- this should be removed in a future release */
- /* Note that this sets the defaults for the sec_config quota to be used
- * in sec_get_hive_config()
- */
ret = sss_sec_get_quota(sctx->rctx->cdb,
sctx->rctx->confdb_service_path,
&dfl_sec_nest_level,
@@ -114,6 +111,16 @@ static int sec_get_config(struct sec_ctx *sctx)
goto fail;
}
+ /* Use the global quota values as defaults for the secrets/secrets section */
+ dfl_sec_nest_level.default_value = \
+ sctx->sec_config.quota.containers_nest_level;
+ dfl_sec_max_secrets.default_value = \
+ sctx->sec_config.quota.max_secrets;
+ dfl_sec_max_uid_secrets.default_value = \
+ sctx->sec_config.quota.max_uid_secrets;
+ dfl_sec_max_payload_size.default_value = \
+ sctx->sec_config.quota.max_payload_size;
+
/* Read the per-hive configuration */
ret = sss_sec_get_hive_config(sctx->rctx->cdb,
"secrets",
```
Into "SECRETS: Use different option names from secrets and KCM for quota
options". The previous code never used the (deprecated) quotas from the global
[secrets] question.
(The removed comment also gives a nice hint at what the previous code did)
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-446359085
2:58 p.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
3:04 p.m.
New subject: [sssd PR#705][-Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: -Changes requested
6:56 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
pbrezina commented:
"""
@jhrozek Local run of integration tests failed but sssd-ci did succeeded? Did you figure
it out or should I look into it?
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-451135395
10:04 a.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
2:39 p.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
2:39 p.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
rebased
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-458698402
5:40 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
mzidek-rh commented:
"""
Thanks this LGTM. I will do one more test with the rebased patches and give an ack if
everything goes well.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-458914034
6:17 a.m.
New subject: [sssd PR#705][+Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: +Changes requested
9:17 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
mzidek-rh commented:
"""
Ah, I forgot to add a comment when adding the label.
There were some issues in multihost tests with the latest iteration of these patches. I
added changes requested label until they are resolved.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-460675593
3:42 a.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
3:46 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
The tests were not cleaning after one another. I guess that's why I didn't see the
failed results on my machine when running the tests one-by-one. So far I added a
standalone fixup commit for easier review, if you think the patchset is not OK, I will
squash the latest patch into the one that adds the tests.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-460960832
3:46 a.m.
New subject: [sssd PR#705][-Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: -Changes requested
10:02 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
mzidek-rh commented:
"""
Hi, can you please rebase these patches? I think the other KCM patchset that was just
pushed causes conflicts.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-461851713
10:02 a.m.
New subject: [sssd PR#705][+Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: +Changes requested
9:28 a.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
9:29 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
rebased
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-467054904
9:30 a.m.
New subject: [sssd PR#705][-Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: -Changes requested
5:32 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
The test needs to have a title added as PR #756 does.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-479843270
5:32 a.m.
New subject: [sssd PR#705][+Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: +Changes requested
8:20 a.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
8:21 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
Rebased and added the title for each test. @mzidek-rh said he would look at the test
failures.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-503557824
7:21 a.m.
New subject: [sssd PR#705][-Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: -Changes requested
8:17 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
mzidek-rh commented:
"""
Hi,
all the tests added in this patchset are failing for me. It would be nice if someone could
verify that the tests work and it is problem with my setup.
Also, when I run the tests multiple times in a row, sssd randomly stops working in the VM.
The backend simply takes too long to start and gets killed by the monitor. I checked by
sshing to the VM and tried to start sssd myself and it looks like the DNS resolution took
too long for no obvious reason. After restarting SSSD few times, the DNS was fast again. I
could only get to this state in VM by running the multihost tests. This is probably
completely unrelated to these patches.
Feel free to take over the review if someone has time, it could be that the issues I see
are related to my setup. Otherwise I will return to it once I get back from PTO.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-508088926
7:24 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
I can see the tests failing now, too..
Setting Changes requested so I can take a look..
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-515969272
7:24 a.m.
New subject: [sssd PR#705][+Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: +Changes requested
5:06 a.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
5:07 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
@mzidek-rh please try now, there was some conflict between the tests, so I just removed
the secrets db with the quota tests. (Only the patch with the tests was modified)
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-516355581
5:14 a.m.
New subject: [sssd PR#705][-Changes requested] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: -Changes requested
3:30 a.m.
New subject: [sssd PR#705][synchronized] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
3:30 a.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
Now some pep8 errors found by CI were fixed.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-516752179
5:05 p.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
mzidek-rh commented:
"""
Sigh... I forgot to ACK this second day in a row. Sorry for the delay.
The patches work for me, there is a an unrelated failure on debian, other tests passed.
ACK.
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-517857445
5:12 p.m.
New subject: [sssd PR#705][+Accepted] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: +Accepted
1:59 p.m.
New subject: [sssd PR#705][comment] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
jhrozek commented:
"""
* master:
* 247aa48004ceb2efba42e917cebecc0ab74dc207
* f024b5e46b62ad49f0099ed8db8155e7ea475639
* f00db73d7bbf312e3e2a772b8b10895d5460b989
* 940002ca21abde53ad81df622d1f4dd3b5e8e014
* f74b97860ec7c66df01ed2b719d29a138c958081
* 84eca2e812f8a8684a35b4cd0c262660930e0d40
* ca02a20c16a1249a8fcecad31e915bf64df77cc9
"""
See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-519226953
1:59 p.m.
New subject: [sssd PR#705][closed] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Author: jhrozek
Title: #705: KCM: Add configurable quotas
Action: closed
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/705/head:pr705
git checkout pr705
1:59 p.m.
New subject: [sssd PR#705][+Pushed] KCM: Add configurable quotas
URL: https://github.com/SSSD/sssd/pull/705
Title: #705: KCM: Add configurable quotas
Label: +Pushed
1724
days inactive
1970
days old
sssd-devel@lists.fedorahosted.org
43 comments
3 participants
participants (3)
-
jhrozek -
mzidek-rh
-
pbrezina