[Bug 929888] Re: ldap_result returns -1 when called from sssd
Launchpad has imported 40 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=771484. If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. On 2012-01-03T21:06:45+00:00 Ken wrote: Description of problem: sssd ID searches break with openldap-2.4.28-1.fc17. How reproducible: Always Steps to Reproduce: 1. Set up sssd on a Rawhide box 2. Run getent passwd , eg. "getent passwd kdreyer" Actual results: (user is not found) Expected results: kdreyer:*:500:100:Ken Dreyer:/home/kdreyer:/bin/bash Additional info: My LDAP server is CentOS 5, openldap-servers-2.3.43-12.el5_7.10 (regular openldap-clients commands in 2.4.28-1.fc17, for example ldapwhoami, or ldapsearch, work fine against this server. It is only sssd that breaks here.) In the sssd_KTDREYER.log: (Tue Jan 3 12:12:11 2012) [sssd[be[KTDREYER]]] [simple_bind_send] (0x0100): Executing simple bind as: (null) (Tue Jan 3 12:12:11 2012) [sssd[be[KTDREYER]]] [simple_bind_send] (0x2000): ldap simple bind sent, msgid = 2 (Tue Jan 3 12:12:11 2012) [sssd[be[KTDREYER]]] [sdap_process_result] (0x2000): Trace: sh[0xb8eee4c0], connected[1], ops[0xb8f76e10], ldap[0xb8ee1ca0] (Tue Jan 3 12:12:11 2012) [sssd[be[KTDREYER]]] [sdap_process_result] (0x0100): ldap_result gave -1, something bad happend! (Tue Jan 3 12:12:11 2012) [sssd[be[KTDREYER]]] [sdap_handle_release] (0x2000): Trace: sh[0xb8eee4c0], connected[1], ops[0xb8f76e10], ldap[0xb8ee1ca0], destructor_lock[0], release_memory[0] (Tue Jan 3 12:12:11 2012) [sssd[be[KTDREYER]]] [remove_connection_callback] (0x4000): Successfully removed connection callback. (Tue Jan 3 12:12:11 2012) [sssd[be[KTDREYER]]] [fo_set_port_status] (0x0100): Marking port 636 of server 'salt.ktdreyer.com' as 'not working' My sssd config is working fine on EL5, EL6, and F15. Thanks to sgallagh in #sssd, I found out that when I dowgrade openldap to 2.4.26-5.fc17, sssd works again. http://koji.fedoraproject.org/koji/buildinfo?buildID=267220 Reply at: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/comments/0 On 2012-01-03T21:13:49+00:00 Stephen wrote: There is a regression in openldap-libs somewhere between 2.4.26-5.fc17 and 2.4.28-1.fc17. We don't get any useful information from openldap, we only receive -1 back from ldap_result(). Reply at: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/comments/1 On 2012-01-30T11:47:25+00:00 Jan wrote: I managed to reproduce this with openldap-2.4.28-2. However, after playing around with gdb trying to find out some more info about what's going on, it started to work and I can't reproduce this anymore. I really have no idea what happened. I didn't change any setting or anything in ldap database. Here is roughly what I did: 1. run sssd -d 10 -i 2. find sssd_be pid and run gdb 3. attach gdb to sssd_be process 4. set breakpoint at sdap_async.c:1019 5. run getent passwd jsyna...@domain.com 6. make few steps in gdb, then continue Any ideas about what might have gone wrong? (or more precisely, gone 'right' in this particular case) I know that attaching gdb to a process makes the process pause, so maybe the execution order changed somehow. What really escapes me, though, is why I can't reproduce this after I restart the sssd and slapd, or even reboot the machine. Reply at: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/comments/2 On 2012-01-30T11:53:32+00:00 Jan wrote: Ah ok, I removed the cache file and it's reproducible again. But still not sure why it started to work. Reply at: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/comments/3 On 2012-01-30T11:58:49+00:00 Jakub wrote: (In reply to comment #3) > Ah ok, I removed the cache file and it's reproducible again. But still not > sure > why it started to work. SSSD caches the entries internally into an on-disk cache (as you figured out). I believe that the second request came straight out of the cache without even contacting SSSD. If you set: entry_cache_timeout = 1 into the [domain/redhat.com] section of your sssd.conf, then all cache entries will be only valid for 1 second, so even the second request should go all the way into the LDAP code. Reply at: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/comments/4 On 2012-01-30T12:04:28+00:00 Jakub wrote: Actually, one more gotcha..the cache expiration time is stored in the ca
[Bug 929888] Re: ldap_result returns -1 when called from sssd
The fix to this issue got applied upstream and I uploaded it to precise (referred to the duplicate bug on the changelog, boo). Please reopen if you still see it with libldap 2.4.28-1.1ubuntu3. ** Changed in: openldap (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 929888] Re: ldap_result returns -1 when called from sssd
Not sure If i helps, I had sssd working in 12.04 with Alpha 1...never thought to look at the package version for openldap, but what ever version was included with Alpha 1 was ok. If that helps -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 929888] Re: ldap_result returns -1 when called from sssd
scratch that, it was tested elsewhere and didn't help :/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 929888] Re: ldap_result returns -1 when called from sssd
Built it myself (64bit) and put it here: http://kernel.ubuntu.com/~tjaalton/lp929888 install the lib and test. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 929888] Re: ldap_result returns -1 when called from sssd
Ryan, can you build openldap with the proposed patch and test? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 929888] Re: ldap_result returns -1 when called from sssd
Upstream bug at http://www.openldap.org/its/index.cgi?findid=7167 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 929888] Re: ldap_result returns -1 when called from sssd
** Bug watch added: Red Hat Bugzilla #771484 https://bugzilla.redhat.com/show_bug.cgi?id=771484 ** Also affects: openldap (Fedora) via https://bugzilla.redhat.com/show_bug.cgi?id=771484 Importance: Unknown Status: Unknown ** Changed in: openldap (Ubuntu) Importance: Undecided => Critical ** Changed in: openldap (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/929888 Title: ldap_result returns -1 when called from sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/929888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs