On 07/24/2012 12:01 PM, Alexander Bokovoy wrote:
Hi,
There are two problems in task naming in LDAP updates:
1. Randomness may be scarce in virtual machines
2. Random number is added to the time value rounded to a second
The second issue leads to values that may repeat themselves as time
only grows and random number is non-negative as well, so
t2+r2 can be equal to t1+t2 generated earlier.
Since task name is a DN, there is no strict requirement to use an
integer value. Instead, we can take time and attribute name. To get
reasonable 'randomness' these values are then hashed with sha1 and use
the resulting string as task name.
SHA1 may technically be an overkill here as we could simply use
indextask_$date_$attribute
where $date is a value of time.time() but SHA1 gives a resonable
'randomness' into the string.
What kind of randomness do you mean? SHA1 is deterministic, it doesn't
add any randomness at all. It just obscures what's really happening.
Same with repeating [tasktime, attribute] two times.
> - root_logger.debug("Task id: %s", dn)
> + root_logger.debug("Task id: %s", str(dn))
This change is unnecessary; the "%s" means "convert to str".
I was hit by this issue today, see
https://fedorahosted.org/freeipa/ticket/2942
--
PetrĀ³
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
