[SSSD] [sssd PR#5945][comment] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Title: #5945: INTG: Restrict smartcard in sc auth tests justin-stephenson commented: """ > Hi, > > thanks, I'm still fine with the patches. I'd just like to ask to split out > the change to `pamsrv_p11.c` into an extra patch? The change is not only > related to the tests. > > bye, Sumit Fixed, thanks. """ See the full comment at https://github.com/SSSD/sssd/pull/5945#issuecomment-1014532616 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][synchronized] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Author: justin-stephenson Title: #5945: INTG: Restrict smartcard in sc auth tests Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5945/head:pr5945 git checkout pr5945 From a7bed5c50d2dfe3d977ac8a8a53e19aafdf5bbd3 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 10 Jan 2022 12:37:38 -0500 Subject: [PATCH 1/2] TESTS: Restrict smartcard in sc auth tests Smartcard auth related tests can fail when tests are run on a machine(F34) with a yubikey inserted. Add a p11_uri option to filter only the softhsm2-used test cards. --- src/tests/cmocka/test_pam_srv.c | 3 ++- src/tests/intg/test_pam_responder.py | 4 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/tests/cmocka/test_pam_srv.c b/src/tests/cmocka/test_pam_srv.c index c86c32a907..bebda99a4d 100644 --- a/src/tests/cmocka/test_pam_srv.c +++ b/src/tests/cmocka/test_pam_srv.c @@ -289,6 +289,7 @@ static int pam_test_setup(void **state) }; struct sss_test_conf_param pam_params[] = { +{ CONFDB_PAM_P11_URI, "pkcs11:manufacturer=SoftHSM%20project" }, { "p11_child_timeout", "30" }, { "pam_cert_verification", NULL }, { NULL, NULL }, /* Sentinel */ @@ -3105,7 +3106,7 @@ void test_pam_preauth_ocsp_no_ocsp(void **state) }; struct sss_test_conf_param pam_params[] = { -{ CONFDB_PAM_P11_URI, NULL }, +{ CONFDB_PAM_P11_URI, "pkcs11:manufacturer=SoftHSM%20project" }, { NULL, NULL }, /* Sentinel */ }; diff --git a/src/tests/intg/test_pam_responder.py b/src/tests/intg/test_pam_responder.py index 866a79267c..ff599d3d40 100644 --- a/src/tests/intg/test_pam_responder.py +++ b/src/tests/intg/test_pam_responder.py @@ -134,6 +134,8 @@ def format_pam_cert_auth_conf(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project; \ + token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 @@ -164,6 +166,8 @@ def format_pam_cert_auth_conf_name_format(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project; \ + token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 From 40ecbdbefe665bf3fef12d3dfcc4ddcdf19ec586 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 17 Jan 2022 08:18:19 -0500 Subject: [PATCH 2/2] P11: Increase array size of extra_args Setting the p11_uri for PAM smartcard auth tests leads to some tests (test_pam_cert_autH) requiring >18 elements as arg_c. --- src/responder/pam/pamsrv_p11.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/responder/pam/pamsrv_p11.c b/src/responder/pam/pamsrv_p11.c index 0ad7d7590e..09b247de91 100644 --- a/src/responder/pam/pamsrv_p11.c +++ b/src/responder/pam/pamsrv_p11.c @@ -719,7 +719,7 @@ struct tevent_req *pam_check_cert_send(TALLOC_CTX *mem_ctx, struct timeval tv; int pipefd_to_child[2] = PIPE_INIT; int pipefd_from_child[2] = PIPE_INIT; -const char *extra_args[18] = { NULL }; +const char *extra_args[19] = { NULL }; uint8_t *write_buf = NULL; size_t write_buf_len = 0; size_t arg_c; ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][+Waiting for review] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Title: #5945: INTG: Restrict smartcard in sc auth tests Label: +Waiting for review ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][comment] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Title: #5945: INTG: Restrict smartcard in sc auth tests justin-stephenson commented: """ > Please hold off on pushing this, I found that pam-srv-tests unit tests are > failing also for the same reason. I'd like to add a commit here to fix this. I added changes to the unit tests to fix this, amending the existing commit here. The array size change is needed because after these changes the `--uri` option is added to extra_args, and some tests (test_pam_cert_auth) arg_c now have a count of 18 Please re-review when able to, nothing urgent of course :smile: """ See the full comment at https://github.com/SSSD/sssd/pull/5945#issuecomment-1013475474 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][synchronized] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Author: justin-stephenson Title: #5945: INTG: Restrict smartcard in sc auth tests Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5945/head:pr5945 git checkout pr5945 From 9ff0cc51bffdfea10dcd8e4d93a9f42f78285474 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 10 Jan 2022 12:37:38 -0500 Subject: [PATCH] TESTS: Restrict smartcard in sc auth tests Smartcard auth related tests can fail when tests are run on a machine(F34) with a yubikey inserted. Add a p11_uri option to filter only the softhsm2-used test cards. --- src/responder/pam/pamsrv_p11.c | 2 +- src/tests/cmocka/test_pam_srv.c | 3 ++- src/tests/intg/test_pam_responder.py | 4 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/responder/pam/pamsrv_p11.c b/src/responder/pam/pamsrv_p11.c index 0ad7d7590e..09b247de91 100644 --- a/src/responder/pam/pamsrv_p11.c +++ b/src/responder/pam/pamsrv_p11.c @@ -719,7 +719,7 @@ struct tevent_req *pam_check_cert_send(TALLOC_CTX *mem_ctx, struct timeval tv; int pipefd_to_child[2] = PIPE_INIT; int pipefd_from_child[2] = PIPE_INIT; -const char *extra_args[18] = { NULL }; +const char *extra_args[19] = { NULL }; uint8_t *write_buf = NULL; size_t write_buf_len = 0; size_t arg_c; diff --git a/src/tests/cmocka/test_pam_srv.c b/src/tests/cmocka/test_pam_srv.c index c86c32a907..bebda99a4d 100644 --- a/src/tests/cmocka/test_pam_srv.c +++ b/src/tests/cmocka/test_pam_srv.c @@ -289,6 +289,7 @@ static int pam_test_setup(void **state) }; struct sss_test_conf_param pam_params[] = { +{ CONFDB_PAM_P11_URI, "pkcs11:manufacturer=SoftHSM%20project" }, { "p11_child_timeout", "30" }, { "pam_cert_verification", NULL }, { NULL, NULL }, /* Sentinel */ @@ -3105,7 +3106,7 @@ void test_pam_preauth_ocsp_no_ocsp(void **state) }; struct sss_test_conf_param pam_params[] = { -{ CONFDB_PAM_P11_URI, NULL }, +{ CONFDB_PAM_P11_URI, "pkcs11:manufacturer=SoftHSM%20project" }, { NULL, NULL }, /* Sentinel */ }; diff --git a/src/tests/intg/test_pam_responder.py b/src/tests/intg/test_pam_responder.py index 866a79267c..ff599d3d40 100644 --- a/src/tests/intg/test_pam_responder.py +++ b/src/tests/intg/test_pam_responder.py @@ -134,6 +134,8 @@ def format_pam_cert_auth_conf(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project; \ + token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 @@ -164,6 +166,8 @@ def format_pam_cert_auth_conf_name_format(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project; \ + token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][comment] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Title: #5945: INTG: Restrict smartcard in sc auth tests justin-stephenson commented: """ Please hold off on pushing this, I found that pam-srv-tests unit tests are failing also for the same reason. I'd like to add a commit here to fix this. """ See the full comment at https://github.com/SSSD/sssd/pull/5945#issuecomment-1013270149 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][-Accepted] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Title: #5945: INTG: Restrict smartcard in sc auth tests Label: -Accepted ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][-Ready to push] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Title: #5945: INTG: Restrict smartcard in sc auth tests Label: -Ready to push ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][synchronized] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Author: justin-stephenson Title: #5945: INTG: Restrict smartcard in sc auth tests Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5945/head:pr5945 git checkout pr5945 From 8a7628a16940cbddfbbc391c4632aa05569fe55b Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 10 Jan 2022 12:37:38 -0500 Subject: [PATCH] INTG: Restrict smartcard in sc auth tests Smartcard auth related tests can fail when integration tests are run on a machine(F34) with a yubikey inserted. Add a p11_uri option to filter only the softhsm2-used integration test cards. --- src/tests/intg/test_pam_responder.py | 4 1 file changed, 4 insertions(+) diff --git a/src/tests/intg/test_pam_responder.py b/src/tests/intg/test_pam_responder.py index 866a79267c..ff599d3d40 100644 --- a/src/tests/intg/test_pam_responder.py +++ b/src/tests/intg/test_pam_responder.py @@ -134,6 +134,8 @@ def format_pam_cert_auth_conf(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project; \ + token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 @@ -164,6 +166,8 @@ def format_pam_cert_auth_conf_name_format(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project; \ + token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5945][opened] INTG: Restrict smartcard in sc auth tests
URL: https://github.com/SSSD/sssd/pull/5945 Author: justin-stephenson Title: #5945: INTG: Restrict smartcard in sc auth tests Action: opened PR body: """ Smartcard auth related tests can fail when integration tests are run on a machine(F34) with a yubikey inserted. Add a `p11_uri` option to filter only the softhsm2-used integration test cards. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5945/head:pr5945 git checkout pr5945 From b7e1d7cf782427ed319da378f25f6d152330118c Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 10 Jan 2022 12:37:38 -0500 Subject: [PATCH] INTG: Restrict smartcard in sc auth tests Smartcard auth related tests can fail when integration tests are run on a machine(F34) with a yubikey inserted. Add a p11_uri option to filter only the softhsm2-used integration test cards. --- src/tests/intg/test_pam_responder.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/tests/intg/test_pam_responder.py b/src/tests/intg/test_pam_responder.py index 866a79267c..db6a7e1315 100644 --- a/src/tests/intg/test_pam_responder.py +++ b/src/tests/intg/test_pam_responder.py @@ -134,6 +134,7 @@ def format_pam_cert_auth_conf(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project;token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 @@ -164,6 +165,7 @@ def format_pam_cert_auth_conf_name_format(config): pam_p11_allowed_services = +pam_sss_service, +pam_sss_sc_required, \ +pam_sss_try_sc, +pam_sss_allow_missing_name pam_cert_db_path = {config.PAM_CERT_DB_PATH} +p11_uri = pkcs11:manufacturer=SoftHSM%20project;token=SSSD%20Test%20Token p11_child_timeout = 5 p11_wait_for_card_timeout = 5 debug_level = 10 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5930][comment] Tests: Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5930 Title: #5930: Tests: Health and Support Analyzer - Add request log parsing utility justin-stephenson commented: """ Hi Shridhar, https://github.com/SSSD/sssd/pull/5863 changed how the chain ID is logged in responders, and also changed the analyzer log parsing to cope with this. I haven't checked but it may require these analyzer tests to be updated. If you have any questions feel free to ping me. """ See the full comment at https://github.com/SSSD/sssd/pull/5930#issuecomment-1000328536 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 8f4672f7028c4b538a6fb554d6d0d4413b5655c2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/16] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 8f4672f7028c4b538a6fb554d6d0d4413b5655c2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/16] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 8f4672f7028c4b538a6fb554d6d0d4413b5655c2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/17] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 8f4672f7028c4b538a6fb554d6d0d4413b5655c2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/17] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 8f4672f7028c4b538a6fb554d6d0d4413b5655c2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/17] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 8f4672f7028c4b538a6fb554d6d0d4413b5655c2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/17] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b2658166f8667642245b6b0da7bcfe918d47068e Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/17] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ > https://s3.eu-central-1.amazonaws.com/sssd-ci/PR-5863/20/fedora33/ci-make-intgcheck.log Not sure how this was caused by my PR, I'm triggering a re-run of the CI before I leave for the weekend. I'll have to investigate further on Monday if it shows the same failures. I couldn't reproduce this failure locally but I am on Fedora 34, not 33 """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-997044673 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ * Added one final commit (I hope) https://github.com/SSSD/sssd/pull/5863/commits/8ab51e9dbd3ec7a469f0e38046f2354297e7b7ba """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-996886077 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b2658166f8667642245b6b0da7bcfe918d47068e Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/17] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ > ``` > [root@master1 /]# sssctl analyze request list -v > NOTE: Tevent chain ID support missing, request analysis will be limited. > It is recommended to use the --logdir option against tevent chain ID > supported SSSD logs. > 2021-12-17 8:09:10: [uid 0] CID #: getent >- User by name > Traceback (most recent call last): > File "/usr/libexec/sssd/sss_analyze", line 5, in > sss_analyze.run() > File "/usr/lib/python3/site-packages/sssd/sss_analyze.py", line 104, in run > analyzer.main() > File "/usr/lib/python3/site-packages/sssd/sss_analyze.py", line 99, in main > args.func(args) > File "/usr/lib/python3/site-packages/sssd/modules/request.py", line 231, in > list_requests > self.print_formatted(line, args.verbose) > File "/usr/lib/python3/site-packages/sssd/modules/request.py", line 168, in > print_formatted > cr_field = fields[3][7:] > IndexError: list index out of range > Command '/usr/libexec/sssd/sss_analyze' failed with [1] > ``` @stanislavlevin Does your distribution provide a recent [libtevent](https://tevent.samba.org/) package ? The analyzer tool is effectively useless without tevent chain ID support. We do not handle this case well inside analyzer code, perhaps we just return gracefully and print a stronger error message in this situation. """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-996720068 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From fc2a3aac18661ea7fe43e7adf477e06ae2cf988e Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/16] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ Latest push adds the following into this PR, to incorporate changes from PR 5845 and avoid the need to rebase * Commit from @stanislavlevin in https://github.com/SSSD/sssd/pull/5845 * https://github.com/SSSD/sssd/pull/5863/commits/bf38817478bf234adab6043b9ce60e45a76908b6 on top to address circular import issue exposed by PR 5845 """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-996081969 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From fc2a3aac18661ea7fe43e7adf477e06ae2cf988e Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/16] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ > * added a workaround for this, but the sources should be reorganized. HI @stanislavlevin we are nearing an upstream release deadline, and we have an outstanding PR https://github.com/SSSD/sssd/pull/5863 which also may be affected by this PR. I would like to cherry pick your patch here and add it to my PR 5863 if it is okay for you. I will amend your patch to avoid the circular import workaround as described above, but will leave you as the original author. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-996056361 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ > @justin-stephenson, there is the circular import on the recent change exposed > with this PR: > > ``` > [root@master1 /]# sssctl analyze > NOTE: Tevent chain ID support missing, request analysis will be limited. > It is recommended to use the --logdir option against tevent chain ID > supported SSSD logs. > Traceback (most recent call last): > File "/usr/libexec/sssd/sss_analyze", line 3, in > from sssd import sss_analyze > File "/usr/lib/python3/site-packages/sssd/sss_analyze.py", line 3, in > > from sssd.modules import request > File "/usr/lib/python3/site-packages/sssd/modules/request.py", line 6, in > > from sssd.sss_analyze import SubparsersAction > ImportError: cannot import name 'SubparsersAction' from partially initialized > module 'sssd.sss_analyze' (most likely due to a circular import) > (/usr/lib/python3/site-packages/sssd/sss_analyze.py) > Command '/usr/libexec/sssd/sss_analyze' failed with [1] > ``` I can fix this properly if I can push to your PR here. class SubparsersAction and class Option can be moved to a separate file(like parser.py), the Analyzer() instance can be passed as an argument to RequestAnalyzer setup_args() therefore we don't need to import Analyzer in modules/request """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-996048609 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ > @justin-stephenson, please rebase. Done, thank you. """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-995837651 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From fc2a3aac18661ea7fe43e7adf477e06ae2cf988e Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/14] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index 5fed0d0973..54a681bc53 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1266,6 +1267,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ src/util/nss_dl_load.c \ src/util/nss_dl_load_extra.c \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HA
[SSSD] [sssd PR#5913][synchronized] Analyzer: Remove python-click dependency
URL: https://github.com/SSSD/sssd/pull/5913 Author: justin-stephenson Title: #5913: Analyzer: Remove python-click dependency Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5913/head:pr5913 git checkout pr5913 From de3635a9b3f8c64cabde4dcbcd3d9a61440ac629 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Tue, 7 Dec 2021 10:21:36 -0500 Subject: [PATCH] Analyzer: Remove python-click dependency As python-click will not be in RHEL9, switch to using the builtin argparse python module. --- contrib/sssd.spec.in | 3 +- src/tools/analyzer/modules/request.py | 129 +++- src/tools/analyzer/sss_analyze.py | 166 +++--- 3 files changed, 226 insertions(+), 72 deletions(-) diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 015cd6b8ff..5cb9726a4d 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -221,9 +221,8 @@ Requires: sssd-common = %{version}-%{release} Requires: python3-sss = %{version}-%{release} Requires: python3-sssdconfig = %{version}-%{release} Requires: libsss_certmap = %{version}-%{release} -# required by sss_analyze +# for logger=journald support with sss_analyze Requires: python3-systemd -Requires: python3-click Requires: sssd-dbus %description tools diff --git a/src/tools/analyzer/modules/request.py b/src/tools/analyzer/modules/request.py index 098a9197bb..0d7c906f31 100644 --- a/src/tools/analyzer/modules/request.py +++ b/src/tools/analyzer/modules/request.py @@ -1,67 +1,91 @@ import re import copy -import click import logging +import argparse from enum import Enum from source_files import Files from source_journald import Journald +from sssd.sss_analyze import SubparsersAction +from sssd.sss_analyze import Option +from sssd.sss_analyze import Analyzer logger = logging.getLogger() -@click.group(help="Request module") -def request(): -pass - - -@request.command() -@click.option("-v", "--verbose", is_flag=True, help="Enables verbose output") -@click.option("--pam", is_flag=True, help="Filter only PAM requests") -@click.pass_obj -def list(ctx, verbose, pam): -analyzer = RequestAnalyzer() -source = analyzer.load(ctx) -analyzer.list_requests(source, verbose, pam) - - -@request.command() -@click.argument("cid", nargs=1, type=int, required=True) -@click.option("--merge", is_flag=True, help="Merge logs together sorted" - " by timestamp (requires debug_microseconds = True)") -@click.option("--cachereq", is_flag=True, help="Include cache request " - "related logs") -@click.option("--pam", is_flag=True, help="Track only PAM requests") -@click.pass_obj -def show(ctx, cid, merge, cachereq, pam): -analyzer = RequestAnalyzer() -source = analyzer.load(ctx) -analyzer.track_request(source, cid, merge, cachereq, pam) - - class RequestAnalyzer: """ A request analyzer module, handles request tracking logic and analysis. Parses input generated from a source Reader. """ +module_parser = None consumed_logs = [] done = "" +list_opts = [ +Option('--verbose', 'Verbose output', bool, '-v'), +Option('--pam', 'Filter only PAM requests', bool), +] + +show_opts = [ +Option('cid', 'Track request with this ID', int), +Option('--cachereq', 'Include cache request logs', bool), +Option('--merge', 'Merge logs together sorted by timestamp', bool), +Option('--pam', 'Track only PAM requests', bool), +] + +def print_module_help(self, args): +""" +Print the module parser help output + +Args: +args (Namespace): argparse parsed arguments +""" +self.module_parser.print_help() + +def setup_args(self, parser_grp): +""" +Setup module parser, subcommands, and options -def load(self, ctx): +Args: +parser_grp (argparse.Action): Parser group to nest + module and subcommands under +""" +desc = "Analyze request tracking module" +self.module_parser = parser_grp.add_parser('request', + description=desc, + help='Request tracking') + +subparser = self.module_parser.add_subparsers(title=None, + dest='subparser', +
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ > @justin-stephenson, thank you for your patience :) Thank you! """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-994814674 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5845][+Accepted] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports Label: +Accepted ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5913][synchronized] Analyzer: Remove python-click dependency
URL: https://github.com/SSSD/sssd/pull/5913 Author: justin-stephenson Title: #5913: Analyzer: Remove python-click dependency Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5913/head:pr5913 git checkout pr5913 From 5e59fa992e15e2e9913e26bbce12c0d102eb162e Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Tue, 7 Dec 2021 10:21:36 -0500 Subject: [PATCH] Analyzer: Remove python-click dependency As python-click will not be in RHEL9, switch to using the builtin argparse python module. --- contrib/sssd.spec.in | 3 +- src/tools/analyzer/modules/request.py | 129 +++- src/tools/analyzer/sss_analyze.py | 166 +++--- 3 files changed, 226 insertions(+), 72 deletions(-) diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 015cd6b8ff..5cb9726a4d 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -221,9 +221,8 @@ Requires: sssd-common = %{version}-%{release} Requires: python3-sss = %{version}-%{release} Requires: python3-sssdconfig = %{version}-%{release} Requires: libsss_certmap = %{version}-%{release} -# required by sss_analyze +# for logger=journald support with sss_analyze Requires: python3-systemd -Requires: python3-click Requires: sssd-dbus %description tools diff --git a/src/tools/analyzer/modules/request.py b/src/tools/analyzer/modules/request.py index 098a9197bb..ff9592e308 100644 --- a/src/tools/analyzer/modules/request.py +++ b/src/tools/analyzer/modules/request.py @@ -1,67 +1,91 @@ import re import copy -import click import logging +import argparse from enum import Enum from source_files import Files from source_journald import Journald +from sss_analyze import SubparsersAction +from sss_analyze import Option +from sss_analyze import Analyzer logger = logging.getLogger() -@click.group(help="Request module") -def request(): -pass - - -@request.command() -@click.option("-v", "--verbose", is_flag=True, help="Enables verbose output") -@click.option("--pam", is_flag=True, help="Filter only PAM requests") -@click.pass_obj -def list(ctx, verbose, pam): -analyzer = RequestAnalyzer() -source = analyzer.load(ctx) -analyzer.list_requests(source, verbose, pam) - - -@request.command() -@click.argument("cid", nargs=1, type=int, required=True) -@click.option("--merge", is_flag=True, help="Merge logs together sorted" - " by timestamp (requires debug_microseconds = True)") -@click.option("--cachereq", is_flag=True, help="Include cache request " - "related logs") -@click.option("--pam", is_flag=True, help="Track only PAM requests") -@click.pass_obj -def show(ctx, cid, merge, cachereq, pam): -analyzer = RequestAnalyzer() -source = analyzer.load(ctx) -analyzer.track_request(source, cid, merge, cachereq, pam) - - class RequestAnalyzer: """ A request analyzer module, handles request tracking logic and analysis. Parses input generated from a source Reader. """ +module_parser = None consumed_logs = [] done = "" +list_opts = [ +Option('--verbose', 'Verbose output', bool, '-v'), +Option('--pam', 'Filter only PAM requests', bool), +] + +show_opts = [ +Option('cid', 'Track request with this ID', int), +Option('--cachereq', 'Include cache request logs', bool), +Option('--merge', 'Merge logs together sorted by timestamp', bool), +Option('--pam', 'Track only PAM requests', bool), +] + +def print_module_help(self, args): +""" +Print the module parser help output + +Args: +args (Namespace): argparse parsed arguments +""" +self.module_parser.print_help() + +def setup_args(self, parser_grp): +""" +Setup module parser, subcommands, and options -def load(self, ctx): +Args: +parser_grp (argparse.Action): Parser group to nest + module and subcommands under +""" +desc = "Analyze request tracking module" +self.module_parser = parser_grp.add_parser('request', + description=desc, + help='Request tracking') + +subparser = self.module_parser.add_subparsers(title=None, + dest='subparser', + action=SubparsersAction, +
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ > @justin-stephenson, `sss_analyze.py` is the module lived in site-packages, > while `sss_analyze` is just a wrapper over that module. Do you want to > completely drop `sss_analyze.py` module? I see now the addition of the new wrapper, let's leave as is for now. Ack to these changes. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-993530470 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ These changes remove the analyzer `--cachereq'`option and add a new `--child` option, https://sssd.io/troubleshooting/analyzer.html will need to be updated when these changes are released. """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-992919778 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ > > This introduced an issue where `[ldb]` messages are tagged with CID/RID, > > which makes the log analyzer output quite unfriendly/ugly. > > But this requires log with `SSSDBG_TRACE_LDB` enabled - something that should > not really happen much in the wild, right? Probably we don't have to do > anything with it at all? You are right, I forgot i had debug_level = 10 set. Probably it can be ignored then. > > ``` > > if (debug_chain_id > 0) { > > -sss_debug_backtrace_printf(level, debug_chain_id_fmt, > > debug_chain_id); > > +if (strcmp(function, "ldb") != 0) { > ``` > > Doesn't look appealing... Imo, even check for `level` would be better, but > see above. Ok disregard. """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-992915864 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ Latest push addresses final items requested by Pavel: * splits a commit for [adding chain_id](https://github.com/SSSD/sssd/pull/5863/commits/bc5f885dcab2d6e61863bcc5fdc4ee2c3867f063) * removed cache req workaround and added commit https://github.com/SSSD/sssd/pull/5863/commits/a671dc01e219c6004ca24faab50a0c0f14580db8 (proper fix) This introduced an issue where `[ldb]` messages are tagged with CID/RID, which makes the log analyzer output quite unfriendly/ugly. ~~~ (2021-12-13 15:35:32): [be[redhat.com]] [sdap_save_user] (0x0400): [RID#4] Storing info for user jstep...@redhat.com (2021-12-13 15:35:32): [be[redhat.com]] [ldb] (0x1): [RID#4] start ldb transaction (nesting: 1) (2021-12-13 15:35:32): [be[redhat.com]] [ldb] (0x1): [RID#4] Added timed event "ldb_kv_callback": 0x1895110 (2021-12-13 15:35:32): [be[redhat.com]] [ldb] (0x1): [RID#4] Added timed event "ldb_kv_timeout": 0x18a79c0 (2021-12-13 15:35:32): [be[redhat.com]] [ldb] (0x1): [RID#4] Running timer event 0x1895110 "ldb_kv_callback" (2021-12-13 15:35:32): [be[redhat.com]] [ldb] (0x1): [RID#4] Destroying timer event 0x18a79c0 "ldb_kv_timeout" (2021-12-13 15:35:32): [be[redhat.com]] [ldb] (0x1): [RID#4] Destroying timer event 0x1895110 "ldb_kv_callback" (2021-12-13 15:35:32): [be[redhat.com]] [sysdb_search_by_name] (0x0400): [RID#4] No such entry (2021-12-13 15:35:32): [be[redhat.com]] [sysdb_store_user] (0x1000): [RID#4] User jstep...@redhat.com does not exist. ~~~ It could be addressed with the following diff, some other way in the ldb code, or these logs can be simply filtered out in the analyzer code. What do you suggest @alexey-tikhonov @sumit-bose ? ~~~ diff --git a/src/util/debug.c b/src/util/debug.c index b54eca7ce..33d6ea049 100644 --- a/src/util/debug.c +++ b/src/util/debug.c @@ -354,7 +354,9 @@ void sss_vdebug_fn(const char *file, debug_prg_name, function, level); if (debug_chain_id > 0) { -sss_debug_backtrace_printf(level, debug_chain_id_fmt, debug_chain_id); +if (strcmp(function, "ldb") != 0) { +sss_debug_backtrace_printf(level, debug_chain_id_fmt, debug_chain_id); +} } sss_debug_backtrace_vprintf(level, format, ap); ~~~ """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-992881236 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 1f1248f9bd0ee722dc59b17ea28970509512b5ce Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/14] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ > @justin-stephenson, how can I interpret the deletion of your comment? ack or > reject or I don't know? :-) > > Rebased (hope finally). We came to a consensus on approving the move of sss_analyze to libexec, now I see `sss_analyze` is installed there but it is also still being installed into `site-packages/sssd`. Would you mind fixing this? That should be the last thing needed. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-992714761 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ Okay, then ack to moving the files to libexec. Sorry for any confusion. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-991022434 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ Okay, then ack to moving the files to libexec. Sorry for any confusion. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-991022434 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ Overall i'm fine to move the files into `libexec/sssd` but as we suspect there will be more changes to `sss_analyze`/`sssctl` python packaging in the near future, in my opinion it makes sense to leave the files as is (as we just released the analyzer installing into `site-packages`) unless there is a compelling enough reason for the move. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-990036563 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5913][opened] Analyzer: Remove python-click dependency
URL: https://github.com/SSSD/sssd/pull/5913 Author: justin-stephenson Title: #5913: Analyzer: Remove python-click dependency Action: opened PR body: """ As python-click will not be in RHEL9, switch to using the builtin argparse python module. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5913/head:pr5913 git checkout pr5913 From 9ba686c5c807a4b712bde0c41a2a4e13e24ed01e Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Tue, 7 Dec 2021 10:21:36 -0500 Subject: [PATCH] Analyzer: Remove python-click dependency As python-click will not be in RHEL9, switch to using the builtin argparse python module. --- contrib/sssd.spec.in | 3 +- src/tools/analyzer/modules/request.py | 129 +++- src/tools/analyzer/sss_analyze.py | 167 +++--- 3 files changed, 227 insertions(+), 72 deletions(-) diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 7f75b1b5a3..d327143576 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -221,9 +221,8 @@ Requires: sssd-common = %{version}-%{release} Requires: python3-sss = %{version}-%{release} Requires: python3-sssdconfig = %{version}-%{release} Requires: libsss_certmap = %{version}-%{release} -# required by sss_analyze +# for logger=journald support with sss_analyze Requires: python3-systemd -Requires: python3-click Recommends: sssd-dbus %description tools diff --git a/src/tools/analyzer/modules/request.py b/src/tools/analyzer/modules/request.py index 098a9197bb..ff9592e308 100644 --- a/src/tools/analyzer/modules/request.py +++ b/src/tools/analyzer/modules/request.py @@ -1,67 +1,91 @@ import re import copy -import click import logging +import argparse from enum import Enum from source_files import Files from source_journald import Journald +from sss_analyze import SubparsersAction +from sss_analyze import Option +from sss_analyze import Analyzer logger = logging.getLogger() -@click.group(help="Request module") -def request(): -pass - - -@request.command() -@click.option("-v", "--verbose", is_flag=True, help="Enables verbose output") -@click.option("--pam", is_flag=True, help="Filter only PAM requests") -@click.pass_obj -def list(ctx, verbose, pam): -analyzer = RequestAnalyzer() -source = analyzer.load(ctx) -analyzer.list_requests(source, verbose, pam) - - -@request.command() -@click.argument("cid", nargs=1, type=int, required=True) -@click.option("--merge", is_flag=True, help="Merge logs together sorted" - " by timestamp (requires debug_microseconds = True)") -@click.option("--cachereq", is_flag=True, help="Include cache request " - "related logs") -@click.option("--pam", is_flag=True, help="Track only PAM requests") -@click.pass_obj -def show(ctx, cid, merge, cachereq, pam): -analyzer = RequestAnalyzer() -source = analyzer.load(ctx) -analyzer.track_request(source, cid, merge, cachereq, pam) - - class RequestAnalyzer: """ A request analyzer module, handles request tracking logic and analysis. Parses input generated from a source Reader. """ +module_parser = None consumed_logs = [] done = "" +list_opts = [ +Option('--verbose', 'Verbose output', bool, '-v'), +Option('--pam', 'Filter only PAM requests', bool), +] + +show_opts = [ +Option('cid', 'Track request with this ID', int), +Option('--cachereq', 'Include cache request logs', bool), +Option('--merge', 'Merge logs together sorted by timestamp', bool), +Option('--pam', 'Track only PAM requests', bool), +] + +def print_module_help(self, args): +""" +Print the module parser help output + +Args: +args (Namespace): argparse parsed arguments +""" +self.module_parser.print_help() + +def setup_args(self, parser_grp): +""" +Setup module parser, subcommands, and options -def load(self, ctx): +Args: +parser_grp (argparse.Action): Parser group to nest + module and subcommands under +""" +desc = "Analyze request tracking module" +self.module_parser = parser_grp.add_parser('request', + description=desc, + help='Request tracking') + +subparser = self.module_parser.add_subparsers(title=None, +
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 1f1248f9bd0ee722dc59b17ea28970509512b5ce Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 1f1248f9bd0ee722dc59b17ea28970509512b5ce Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5886][comment] install python files conditionally
URL: https://github.com/SSSD/sssd/pull/5886 Title: #5886: install python files conditionally justin-stephenson commented: """ > Let me ask the question differently: does sssd require python > unconditionally? That is, even without python bindings, python is still > required for scripts such as `sss_analyze.py`? It should not be required strictly for `src/tools/analyzer` files. A ./configure build option (maybe --disable-analyzer) to handle conditional building of this can be added, it should just use a different macro than BUILD_PYTHON_BINDINGS. @pbrezina Do you agree? """ See the full comment at https://github.com/SSSD/sssd/pull/5886#issuecomment-976675936 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5886][comment] install python files conditionally
URL: https://github.com/SSSD/sssd/pull/5886 Title: #5886: install python files conditionally justin-stephenson commented: """ ~~~ Issue: sys-auth/sssd-2.6.0 installs files into unexpected paths. ~~~ Is this the build directory? What is an unexpected path for gentoo builds? I'm trying to understand if we are installing these python files incorrectly Based on https://www.gnu.org/software/automake/manual/html_node/Python.html these .py files should be installed under ~~~ pkgpythondir This is the directory under pythondir that is named after the package. That is, it is ‘$(pythondir)/$(PACKAGE)’. ~~~ """ See the full comment at https://github.com/SSSD/sssd/pull/5886#issuecomment-975946433 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5886][comment] install python files conditionally
URL: https://github.com/SSSD/sssd/pull/5886 Title: #5886: install python files conditionally justin-stephenson commented: """ Hello, will the latest patches in https://github.com/SSSD/sssd/pull/5845 to install these files under libexec address this issue for you? I don't think using `BUILD_PYTHON_BINDINGS` makes sense because these python files are related to the health check analyzer, not python bindings. """ See the full comment at https://github.com/SSSD/sssd/pull/5886#issuecomment-975881648 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ > Thanks, sorry I should have caught this. Fixed now. """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-975635466 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ Now that the chain ID is logged in responder log files, should the analyzer tool always grep responder log files for `CID#` in `request show` output? This is simple but it means removing the `--cachereq` option as those logs would always be included in the output then. I added a commit for this `Analyzer: Search all responder log files` in case this is agreed upon behavior (will drop it if not). It does produce more output but it would be useful in solving any responder-logged problems """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-965751719 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/12] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/11] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ > Isn't it required to set `debug_from_responder` in `p11_child`? Yes, fixed. """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-965730359 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ > > Hi, > > I tend to the latter. The idea of the tool is to help to find issues. Adding > the child logs by default might make this harder especially if the issue is > not related to a child process. It might be even worth to be able to switch > on only a single child, e.g. `--child=krb5_child`. Okay agreed, I went ahead and added a `--child` boolean option defaulting to false to the `request show` subcommand > > Is there a reason you mostly send the id together with other data via stdin > and not with a command line option? Personally I would prefer a comand line > option because it makes the child process more easy to use manually. E.g. > currently you can run `p11_child` manually even in auth mode by calling > > ``` > echo -n PIN | /usr/libexec/sssd/p11_child --auth . > ``` > > Now additional 8 bytes are expected, which still would allow to call > `p11_child` manually but it would be less obvious. The PIN has to be send via > stdin, otherwise it would be visible on the command line and so visible for > everyone calling `ps`. Understood, I went ahead and switched to sending the chain ID as a command line argument for each child process. Could you please test the p11 child works as expected now? > > bye, Sumit """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-965727885 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/11] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From b0a413efc48994c0fd0f01055c8158cdfcb14856 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 10 Nov 2021 15:41:23 + Subject: [PATCH 01/11] util: Split chain ID tevent functions Commonly used chain ID functions sss_chain_id_get() and sss_chain_id_set() will be isolated from requiring tevent when building sources. --- Makefile.am | 2 + src/providers/data_provider_be.c | 1 + src/util/sss_chain_id.c | 130 + src/util/sss_chain_id.h | 7 +- src/util/sss_chain_id_tevent.c | 138 +++ src/util/sss_chain_id_tevent.h | 29 +++ 6 files changed, 175 insertions(+), 132 deletions(-) create mode 100644 src/util/sss_chain_id_tevent.c create mode 100644 src/util/sss_chain_id_tevent.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..5174eba05a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -684,6 +684,7 @@ dist_noinst_HEADERS = \ src/util/session_recording.h \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ +src/util/sss_chain_id_tevent.h \ src/util/sss_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ @@ -1264,6 +1265,7 @@ libsss_util_la_SOURCES = \ src/util/files.c \ src/util/selinux.c \ src/util/sss_regexp.c \ +src/util/sss_chain_id_tevent.c \ src/util/sss_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 9d63b448ea..c632ec9461 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -47,6 +47,7 @@ #include "util/child_common.h" #include "resolv/async_resolv.h" #include "sss_iface/sss_iface_async.h" +#include "util/sss_chain_id_tevent.h" #include "util/sss_chain_id.h" #define ONLINE_CB_RETRY 3 diff --git a/src/util/sss_chain_id.c b/src/util/sss_chain_id.c index f892e2eb78..db312698ab 100644 --- a/src/util/sss_chain_id.c +++ b/src/util/sss_chain_id.c @@ -18,115 +18,8 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -#include "config.h" - -#include - -#ifdef BUILD_CHAIN_ID -extern uint64_t debug_chain_id; - -static void sss_chain_id_trace_fde(struct tevent_fd *fde, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_fd_set_tag(fde, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_fd_get_tag(fde); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_signal(struct tevent_signal *se, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_signal_set_tag(se, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_signal_get_tag(se); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_timer(struct tevent_timer *timer, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_timer_set_tag(timer, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the chain id when a handler is being called. */ -debug_chain_id = tevent_timer_get_tag(timer); -break; -default: -/* Do nothing. */ -break; -} -} - -static void sss_chain_id_trace_immediate(struct tevent_immediate *im, - enum tevent_event_trace_point point, - void *private_data) -{ -switch (point) { -case TEVENT_EVENT_TRACE_ATTACH: -/* Assign the current chain id when the event is created. */ -tevent_immediate_set_tag(im, debug_chain_id); -break; -case TEVENT_EVENT_TRACE_BEFORE_HANDLER: -/* Set the c
[SSSD] [sssd PR#5829][comment] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Title: #5829: DP: Resolve intermediate groups prior to SR overlay justin-stephenson commented: """ > I'm gonna do the release, pushing now. Thank you! """ See the full comment at https://github.com/SSSD/sssd/pull/5829#issuecomment-965328446 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 3e84448e866290e31d02496c488c30926a2c0cd1 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 276 - 1 file changed, 267 insertions(+), 9 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..36f3a378f0 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,238 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; +struct session_recording_conf sr_conf; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + +sr_conf = provider->be_ctx->sr_conf; + +/* Only proceed if scope is applicable: 'some' or 'all' with groups to resolve */ +if ((sr_conf.scope == SESSION_RECORDING_SCOPE_SOME && sr_conf.groups != NULL) + || (sr_conf.scope == SESSION_RECORDING_SCOPE_ALL && sr_conf.exclude_groups != NULL)) { +state->provider = provider; +state->initgroups_ctx = initgr_ctx; +state->reply = reply; +state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + +state->num_iter = 0; +ret = dp_sr_resolve_groups_next(req); +if (ret == EAGAIN) { +/* async processing */ +return req; +} +} else { +ret = EOK; +goto done; +} + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc_zero(state, struct dp_id_data); +if (ar == NULL) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0,
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From f534cdb515be1cbfaeedcd55e7cfc635557a8e1f Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 277 - 1 file changed, 268 insertions(+), 9 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..a912116cb1 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,239 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; +struct session_recording_conf sr_conf; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + +sr_conf = provider->be_ctx->sr_conf; + +/* Only proceed if scope is applicable: 'some' or 'all' with groups to resolve */ +if ((sr_conf.scope == SESSION_RECORDING_SCOPE_SOME && sr_conf.groups != NULL) + || (sr_conf.scope == SESSION_RECORDING_SCOPE_ALL && sr_conf.exclude_groups != NULL)) { +DEBUG(SSSDBG_TRACE_LIBS, "JS-found groups to resolve\n"); +state->provider = provider; +state->initgroups_ctx = initgr_ctx; +state->reply = reply; +state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + +state->num_iter = 0; +ret = dp_sr_resolve_groups_next(req); +if (ret == EAGAIN) { +/* async processing */ +return req; +} +} else { +ret = EOK; +goto done; +} + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc_zero(state, struct dp_id_data); +if (ar == NULL) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->p
[SSSD] [sssd PR#5863][synchronized] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 6a437178de902fd7070ce293ac750fb1a89238a2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 3 Nov 2021 15:19:16 + Subject: [PATCH 01/11] util: Move chain ID getter/setter functions --- Makefile.am | 4 ++- src/providers/data_provider/dp_request.c | 2 +- src/providers/ldap/sdap_async.c | 2 +- src/providers/ldap/sdap_fd_events.c | 2 +- src/providers/ldap/sdap_id_op.c | 2 +- src/sbus/router/sbus_router_handler.c| 2 +- src/util/dbg_chain_id.c | 34 src/util/dbg_chain_id.h | 34 src/util/sss_chain_id.c | 25 + src/util/sss_chain_id.h | 6 - 10 files changed, 77 insertions(+), 36 deletions(-) create mode 100644 src/util/dbg_chain_id.c create mode 100644 src/util/dbg_chain_id.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..65c4693acc 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ src/util/sss_chain_id.h \ +src/util/dbg_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ src/util/sss_endian.h \ @@ -1051,7 +1052,7 @@ libsss_sbus_la_SOURCES = \ src/util/check_and_open.c \ src/util/debug.c \ src/util/debug_backtrace.c \ -src/util/sss_chain_id.c \ +src/util/dbg_chain_id.c \ src/util/sss_ptr_hash.c \ src/util/sss_ptr_list.c \ src/util/sss_utf8.c \ @@ -1265,6 +1266,7 @@ libsss_util_la_SOURCES = \ src/util/selinux.c \ src/util/sss_regexp.c \ src/util/sss_chain_id.c \ +src/util/dbg_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ $(AM_CFLAGS) \ diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 3cbd55c1ec..29a941807e 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -27,7 +27,7 @@ #include "util/dlinklist.h" #include "util/util.h" #include "util/probes.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" struct dp_req { struct data_provider *provider; diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index da54705496..abf58db9f3 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -24,7 +24,7 @@ #include "util/util.h" #include "util/strtonum.h" #include "util/probes.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" #include "providers/ldap/sdap_async_private.h" #define REPLY_REALLOC_INCREMENT 10 diff --git a/src/providers/ldap/sdap_fd_events.c b/src/providers/ldap/sdap_fd_events.c index 42b2efe260..40b101e47d 100644 --- a/src/providers/ldap/sdap_fd_events.c +++ b/src/providers/ldap/sdap_fd_events.c @@ -24,7 +24,7 @@ #include "util/util.h" #include "util/sss_sockets.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" #include "providers/ldap/sdap_async_private.h" struct sdap_fd_events { diff --git a/src/providers/ldap/sdap_id_op.c b/src/providers/ldap/sdap_id_op.c index 55524707fe..d1012d61b0 100644 --- a/src/providers/ldap/sdap_id_op.c +++ b/src/providers/ldap/sdap_id_op.c @@ -25,7 +25,7 @@ #include "providers/ldap/ldap_common.h" #include "providers/ldap/sdap_async.h" #include "providers/ldap/sdap_id_op.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" /* LDAP async connection cache */ struct sdap_id_conn_cache { diff --git a/src/sbus/router/sbus_router_handler.c b/src/sbus/router/sbus_router_handler.c index d9a374b414..870dc5b0a6 100644 --- a/src/sbus/router/sbus_router_handler.c +++ b/src/sbus/router/sbus_router_handler.c @@ -26,7 +26,7 @@ #include "util/util.h" #include "util/dlinklist.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" #include "sbus/sbus_private.h" struct sbus_message_meta { diff --git a/src/util/dbg_chain_id.c b/src/util/dbg_chain_id.c new file mode 100644 index 00..3260b7bf6f --- /dev/null +++ b/src/util/dbg_chain_id.c @@ -0,0 +1,34 @@ +/* +Authors: +Justin Stephenson + +Copyright (C) 2021 Red Hat + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 3 of th
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 845c32d125af2c9b57cb52d869288141260d0a6c Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 272 - 1 file changed, 263 insertions(+), 9 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..4260763741 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,234 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + +/* Only proceed if scope is applicable: 'some' or 'all' */ +if (provider->be_ctx->sr_conf.scope == SESSION_RECORDING_SCOPE_NONE) { +ret = EOK; +goto done; +} + +state->provider = provider; +state->initgroups_ctx = initgr_ctx; +state->reply = reply; +state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + + state->num_iter = 0; + ret = dp_sr_resolve_groups_next(req); + if (ret == EAGAIN) { +/* async processing */ +return req; + } + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc_zero(state, struct dp_id_data); +if (ar == NULL) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0, NULL, + DPT_ID, DPM_ACCOUNT_HANDLER, 0, ar, NULL); +if (!subreq) { +return ENOMEM; +} + +tevent_req_set_callback(subreq, dp_sr_resolve_groups_done, req); + +state->num_iter++; +return EAGAIN; +} + +static void dp_sr_resolve_groups_done(struct tevent_req *subreq) +{ +struct dp_sr_resolv
[SSSD] [sssd PR#5863][comment] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Title: #5863: Responder and Child process tevent chain id improvements justin-stephenson commented: """ Now that the RID # is passed to the child log files, `sssctl analyze request show #` will check these child logs and print those RID # matches also. Should this be default behavior, or only when an argument like `--child` is provided to the request show subcommand? """ See the full comment at https://github.com/SSSD/sssd/pull/5863#issuecomment-961183126 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 4f52d6a62a3df8bddabb9b7291bf0afee8ff10b4 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 265 - 1 file changed, 259 insertions(+), 6 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..8aa667483e 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,234 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + +/* Only proceed if scope is applicable: 'some' or 'all' */ +if (provider->be_ctx->sr_conf.scope == SESSION_RECORDING_SCOPE_NONE) { +ret = EOK; +goto done; +} + +state->provider = provider; +state->initgroups_ctx = initgr_ctx; +state->reply = reply; +state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + + state->num_iter = 0; + ret = dp_sr_resolve_groups_next(req); + if (ret == EAGAIN) { +/* async processing */ +return req; + } + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc_zero(state, struct dp_id_data); +if (ar == NULL) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0, NULL, + DPT_ID, DPM_ACCOUNT_HANDLER, 0, ar, NULL); +if (!subreq) { +return ENOMEM; +} + +tevent_req_set_callback(subreq, dp_sr_resolve_groups_done, req); + +state->num_iter++; +return EAGAIN; +} + +static void dp_sr_resolve_groups_done(struct tevent_req *subreq) +{ +struct dp_sr_resolv
[SSSD] [sssd PR#5863][edited] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: edited Changed field: body Original value: """ This PR adds the following tevent chain ID functionality: * Add tevent chain ID logic into responders (log messages with tag [CID #]) * Add ability to parse child log files by passing the backend request ID into child processes and setting the chain ID inside the child. sss_chain_id getter/setter functions moved into their own source file (remove dependency to tevent), and some small changes to analyzer are needed. """ ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5863][opened] Responder and Child process tevent chain id improvements
URL: https://github.com/SSSD/sssd/pull/5863 Author: justin-stephenson Title: #5863: Responder and Child process tevent chain id improvements Action: opened PR body: """ This PR adds the following tevent chain ID functionality: * Add tevent chain ID logic into responders (log messages with tag [CID #]) * Add ability to parse child log files by passing the backend request ID into child processes and setting the chain ID inside the child. sss_chain_id getter/setter functions moved into their own source file (remove dependency to tevent), and some small changes to analyzer are needed. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5863/head:pr5863 git checkout pr5863 From 6a437178de902fd7070ce293ac750fb1a89238a2 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 3 Nov 2021 15:19:16 + Subject: [PATCH 01/11] util: Move chain ID getter/setter functions --- Makefile.am | 4 ++- src/providers/data_provider/dp_request.c | 2 +- src/providers/ldap/sdap_async.c | 2 +- src/providers/ldap/sdap_fd_events.c | 2 +- src/providers/ldap/sdap_id_op.c | 2 +- src/sbus/router/sbus_router_handler.c| 2 +- src/util/dbg_chain_id.c | 34 src/util/dbg_chain_id.h | 34 src/util/sss_chain_id.c | 25 + src/util/sss_chain_id.h | 6 - 10 files changed, 77 insertions(+), 36 deletions(-) create mode 100644 src/util/dbg_chain_id.c create mode 100644 src/util/dbg_chain_id.h diff --git a/Makefile.am b/Makefile.am index f6bc9414d0..65c4693acc 100644 --- a/Makefile.am +++ b/Makefile.am @@ -685,6 +685,7 @@ dist_noinst_HEADERS = \ src/util/strtonum.h \ src/util/sss_cli_cmd.h \ src/util/sss_chain_id.h \ +src/util/dbg_chain_id.h \ src/util/sss_ptr_hash.h \ src/util/sss_ptr_list.h \ src/util/sss_endian.h \ @@ -1051,7 +1052,7 @@ libsss_sbus_la_SOURCES = \ src/util/check_and_open.c \ src/util/debug.c \ src/util/debug_backtrace.c \ -src/util/sss_chain_id.c \ +src/util/dbg_chain_id.c \ src/util/sss_ptr_hash.c \ src/util/sss_ptr_list.c \ src/util/sss_utf8.c \ @@ -1265,6 +1266,7 @@ libsss_util_la_SOURCES = \ src/util/selinux.c \ src/util/sss_regexp.c \ src/util/sss_chain_id.c \ +src/util/dbg_chain_id.c \ $(NULL) libsss_util_la_CFLAGS = \ $(AM_CFLAGS) \ diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 3cbd55c1ec..29a941807e 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -27,7 +27,7 @@ #include "util/dlinklist.h" #include "util/util.h" #include "util/probes.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" struct dp_req { struct data_provider *provider; diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index da54705496..abf58db9f3 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -24,7 +24,7 @@ #include "util/util.h" #include "util/strtonum.h" #include "util/probes.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" #include "providers/ldap/sdap_async_private.h" #define REPLY_REALLOC_INCREMENT 10 diff --git a/src/providers/ldap/sdap_fd_events.c b/src/providers/ldap/sdap_fd_events.c index 42b2efe260..40b101e47d 100644 --- a/src/providers/ldap/sdap_fd_events.c +++ b/src/providers/ldap/sdap_fd_events.c @@ -24,7 +24,7 @@ #include "util/util.h" #include "util/sss_sockets.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" #include "providers/ldap/sdap_async_private.h" struct sdap_fd_events { diff --git a/src/providers/ldap/sdap_id_op.c b/src/providers/ldap/sdap_id_op.c index 55524707fe..d1012d61b0 100644 --- a/src/providers/ldap/sdap_id_op.c +++ b/src/providers/ldap/sdap_id_op.c @@ -25,7 +25,7 @@ #include "providers/ldap/ldap_common.h" #include "providers/ldap/sdap_async.h" #include "providers/ldap/sdap_id_op.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" /* LDAP async connection cache */ struct sdap_id_conn_cache { diff --git a/src/sbus/router/sbus_router_handler.c b/src/sbus/router/sbus_router_handler.c index d9a374b414..870dc5b0a6 100644 --- a/src/sbus/router/sbus_router_handler.c +++ b/src/sbus/router/sbus_router_handler.c @@ -26,7 +26,7 @@ #include "util/util.h" #include "util/dlinklist.h" -#include "util/sss_chain_id.h" +#include "util/dbg_chain_id.h" #include "sbus/sbus_private.h" struct sbus_messag
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ > @justin-stephenson Is there any intention to run sss_analyze as a standalone > program? Is it documented anywhere like this? No, I have only been developing it and writing documentation for it to be called with sssctl analyze. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-954716430 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ > @justin-stephenson, thank you for the review! Can I see the build log? which > distro/version? Sorry disregard, leftover build settings issue. Ack from my side. """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-953201029 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5845][comment] sss-analyze: Fix self imports
URL: https://github.com/SSSD/sssd/pull/5845 Title: #5845: sss-analyze: Fix self imports justin-stephenson commented: """ Thank you for the fixes! Overall changes LGTM, but make rpms fails with: ~~~ + /usr/lib/rpm/redhat/brp-mangle-shebangs mangling shebang in /usr/sbin/sss_debuglevel from /bin/sh to #!/usr/bin/sh *** ERROR: ambiguous python shebang in /usr/sbin/sss_analyze: #!/usr/bin/env python. Change it to python3 (or python2) explicitly. error: Bad exit status from /var/tmp/rpm-tmp.J0MFzZ (%install) ~~~ """ See the full comment at https://github.com/SSSD/sssd/pull/5845#issuecomment-952975624 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5838][comment] Tests: Fix warning about deprecated res_randomid()
URL: https://github.com/SSSD/sssd/pull/5838 Title: #5838: Tests: Fix warning about deprecated res_randomid() justin-stephenson commented: """ Changes made as requested. """ See the full comment at https://github.com/SSSD/sssd/pull/5838#issuecomment-951243195 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5838][synchronized] Tests: Fix warning about deprecated res_randomid()
URL: https://github.com/SSSD/sssd/pull/5838 Author: justin-stephenson Title: #5838: Tests: Fix warning about deprecated res_randomid() Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5838/head:pr5838 git checkout pr5838 From 2157ab52a05253d82a5c8978cab55172f95fac1f Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 25 Oct 2021 11:51:28 -0400 Subject: [PATCH] Tests: Fix warning about deprecated res_randomid() --- src/tests/cmocka/test_resolv_fake.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/tests/cmocka/test_resolv_fake.c b/src/tests/cmocka/test_resolv_fake.c index 0f4011a39f..021d55abff 100644 --- a/src/tests/cmocka/test_resolv_fake.c +++ b/src/tests/cmocka/test_resolv_fake.c @@ -59,10 +59,10 @@ static ssize_t dns_header(unsigned char **buf, size_t ancount) memset(hb, 0, NS_HFIXEDSZ); memset(&h, 0, sizeof(h)); -h.id = res_randomid(); /* random query ID */ -h.qr = 1; /* response flag */ -h.rd = 1; /* recursion desired */ -h.ra = 1; /* recursion available */ +h.id = 0x & sss_rand(); /* random query ID */ +h.qr = 1;/* response flag */ +h.rd = 1;/* recursion desired */ +h.ra = 1;/* recursion available */ h.qdcount = htons(1); /* no. of questions */ h.ancount = htons(ancount);/* no. of answers */ ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5838][opened] Tests: Fix warning about deprecated res_randomid()
URL: https://github.com/SSSD/sssd/pull/5838 Author: justin-stephenson Title: #5838: Tests: Fix warning about deprecated res_randomid() Action: opened PR body: """ Warning on fedora rawhide ~~~ ../src/tests/cmocka/test_resolv_fake.c: In function ‘dns_header’: ../src/tests/cmocka/test_resolv_fake.c:62:5: error: ‘__res_randomid’ is deprecated: use getentropy instead [-Werror=deprecated-declarations] 62 | h.id = res_randomid(); /* random query ID */ | ^ In file included from ../src/tests/cmocka/test_resolv_fake.c:33: /usr/include/resolv.h:275:17: note: declared here 275 | unsigned intres_randomid (void) __THROW | ^~~~ ~~~ """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5838/head:pr5838 git checkout pr5838 From f5d9d0fb9278d409574b127e516744b8bb50cde0 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 25 Oct 2021 11:51:28 -0400 Subject: [PATCH] Tests: Fix warning about deprecated res_randomid() --- src/tests/cmocka/test_resolv_fake.c | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/tests/cmocka/test_resolv_fake.c b/src/tests/cmocka/test_resolv_fake.c index 0f4011a39f..b11b5a203b 100644 --- a/src/tests/cmocka/test_resolv_fake.c +++ b/src/tests/cmocka/test_resolv_fake.c @@ -59,10 +59,11 @@ static ssize_t dns_header(unsigned char **buf, size_t ancount) memset(hb, 0, NS_HFIXEDSZ); memset(&h, 0, sizeof(h)); -h.id = res_randomid(); /* random query ID */ -h.qr = 1; /* response flag */ -h.rd = 1; /* recursion desired */ -h.ra = 1; /* recursion available */ +srand(time(NULL)); +h.id = (uint16_t)rand(); /* random query ID */ +h.qr = 1;/* response flag */ +h.rd = 1;/* recursion desired */ +h.ra = 1;/* recursion available */ h.qdcount = htons(1); /* no. of questions */ h.ancount = htons(ancount);/* no. of answers */ ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][comment] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Title: #5829: DP: Resolve intermediate groups prior to SR overlay justin-stephenson commented: """ Sumit suggested to check for intermediate groups by checking for groups which have a GID, and isPosix is false. `simple_check_process_group()` seems to perform more checks than I added in `dp_sr_resolve_groups_check() ` but i'm not sure if these two functions need to match exactly for the purposes of this PR. """ See the full comment at https://github.com/SSSD/sssd/pull/5829#issuecomment-948631387 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][comment] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Title: #5829: DP: Resolve intermediate groups prior to SR overlay justin-stephenson commented: """ Ready for review, intg test issues fixed. """ See the full comment at https://github.com/SSSD/sssd/pull/5829#issuecomment-947205783 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][comment] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Title: #5829: DP: Resolve intermediate groups prior to SR overlay justin-stephenson commented: """ Ready for review, intg issues fixed. """ See the full comment at https://github.com/SSSD/sssd/pull/5829#issuecomment-947205783 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][+Waiting for review] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Title: #5829: DP: Resolve intermediate groups prior to SR overlay Label: +Waiting for review ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 0ba3e5f58102ade0d976f44bdab28b66d1aa60ae Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 257 - 1 file changed, 251 insertions(+), 6 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..ea660ae8ae 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,229 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + + state->provider = provider; + state->initgroups_ctx = initgr_ctx; + state->reply = reply; + state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + + state->num_iter = 0; + ret = dp_sr_resolve_groups_next(req); + if (ret == EAGAIN) { +/* async processing */ +return req; + } + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc(state, struct dp_id_data); +if (!ar) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0, NULL, + DPT_ID, DPM_ACCOUNT_HANDLER, 0, ar, NULL); + if (!subreq) { +return ENOMEM; + } + +tevent_req_set_callback(subreq, dp_sr_resolve_groups_done, req); + +state->num_iter++; +return EAGAIN; +} + +static void dp_sr_resolve_groups_done(struct tevent_req *subreq) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +struct dp_reply_std *reply; +int ret; + +req = tevent_req_callback_data(subreq, struct tevent_req); +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +ret = dp_req_recv_ptr(state, subreq, stru
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 1689ae4f64cdc2ba58042df9d0798f6a85543392 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 257 - 1 file changed, 250 insertions(+), 7 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..f394e41838 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,229 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + + state->provider = provider; + state->initgroups_ctx = initgr_ctx; + state->reply = reply; + state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + + state->num_iter = 0; + ret = dp_sr_resolve_groups_next(req); + if (ret == EAGAIN) { +/* async processing */ +return req; + } + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc(state, struct dp_id_data); +if (!ar) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0, NULL, + DPT_ID, DPM_ACCOUNT_HANDLER, 0, ar, NULL); + if (!subreq) { +return ENOMEM; + } + +tevent_req_set_callback(subreq, dp_sr_resolve_groups_done, req); + +state->num_iter++; +return EAGAIN; +} + +static void dp_sr_resolve_groups_done(struct tevent_req *subreq) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +struct dp_reply_std *reply; +int ret; + +req = tevent_req_callback_data(subreq, struct tevent_req); +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +ret = dp_req_recv_ptr(state, subreq, stru
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 345d24a3fbc98b8f2a6ab6701a448208d3897872 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 259 - 1 file changed, 252 insertions(+), 7 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..6a4bd34578 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,231 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state, + struct dp_initgr_ctx *initgr_ctx); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + + state->provider = provider; + state->initgroups_ctx = initgr_ctx; + state->reply = reply; + state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state, initgr_ctx); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + + state->num_iter = 0; + ret = dp_sr_resolve_groups_next(req); + if (ret == EAGAIN) { +/* async processing */ +return req; + } + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc(state, struct dp_id_data); +if (!ar) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0, NULL, + DPT_ID, DPM_ACCOUNT_HANDLER, 0, ar, NULL); + if (!subreq) { +return ENOMEM; + } + +tevent_req_set_callback(subreq, dp_sr_resolve_groups_done, req); + +state->num_iter++; +return EAGAIN; +} + +static void dp_sr_resolve_groups_done(struct tevent_req *subreq) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +struct dp_reply_std *reply; +int ret; + +req = tevent_req_callback_data(subreq, struct tevent_req); +state = tev
[SSSD] [sssd PR#5829][comment] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Title: #5829: DP: Resolve intermediate groups prior to SR overlay justin-stephenson commented: """ This is on me to fix the intg test failures, test_initgroups_with_mc is failing, likely due to ``sbus_call_nss_memcache_UpdateInitgroups_send`` being moved into `dp_get_account_info_initgroups_resolv_done`. -- Before SSSD is stopped ~~~ bash-5.1# id user1 uid=1001(user1) gid=2001(group1) groups=2001(group1) bash-5.1# hexdump -C /tmp/sssd-intg.C2ZNOgHS/var/lib/sss/mc/group 01 00 00 f0 01 00 00 00 01 00 00 00 01 00 00 00 || 0010 79 32 3d a6 40 00 60 00 cd 4c 00 00 a0 99 09 00 |y2=.@.`..L..| 0020 38 00 00 00 78 00 60 00 48 4d 60 00 00 00 00 00 |8...x.`.HM`.| 0030 01 00 00 f0 00 00 00 00 00 00 00 f0 55 00 00 00 |U...| 0040 cb d3 6d 61 00 00 00 00 ff ff ff ff ff ff ff ff |..ma| 0050 dc 51 00 00 d1 bf 00 00 ff ff ff ff 00 00 00 f0 |.Q..| 0060 10 00 00 00 d1 07 00 00 03 00 00 00 1d 00 00 00 || 0070 67 72 6f 75 70 31 00 2a 00 75 73 65 72 31 00 75 |group1.*.user1.u| 0080 73 65 72 31 31 00 75 73 65 72 32 31 00 ff ff ff |ser11.user21| 0090 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff || ~~~ --- After SSSD is stopped when returning from memcache ~~~ bash-5.1# id user2 uid=1002(user2) gid=2002 groups=2002 bash-5.1# hexdump -C /tmp/sssd-intg.C2ZNOgHS/var/lib/sss/mc/group 01 00 00 f0 01 00 00 00 01 00 00 00 01 00 00 00 || 0010 ad 7a 29 a7 40 00 60 00 cd 4c 00 00 a0 99 09 00 |.z).@.`..L..| 0020 38 00 00 00 78 00 60 00 48 4d 60 00 00 00 00 00 |8...x.`.HM`.| 0030 01 00 00 f0 00 00 00 00 ff ff ff ff ff ff ff ff || 0040 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff || * 00600070 ff ff ff ff ff ff ff ff 00 00 00 00 00 00 00 00 || 00600080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 || * 00604d40 00 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff || 00604d50 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff || * 0069e6e0 ff ff ff ff ff ff ff ff || 0069e6e8 ~~~ """ See the full comment at https://github.com/SSSD/sssd/pull/5829#issuecomment-946126101 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][synchronized] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 77978b4e3bf7b58164692ad29211797c33641b41 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 259 - 1 file changed, 253 insertions(+), 6 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..a7db5407c9 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,231 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state, + struct dp_initgr_ctx *initgr_ctx); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + + state->provider = provider; + state->initgroups_ctx = initgr_ctx; + state->reply = reply; + state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state, initgr_ctx); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + + state->num_iter = 0; + ret = dp_sr_resolve_groups_next(req); + if (ret == EAGAIN) { +/* async processing */ +return req; + } + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc(state, struct dp_id_data); +if (!ar) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0, NULL, + DPT_ID, DPM_ACCOUNT_HANDLER, 0, ar, NULL); + if (!subreq) { +return ENOMEM; + } + +tevent_req_set_callback(subreq, dp_sr_resolve_groups_done, req); + +state->num_iter++; +return EAGAIN; +} + +static void dp_sr_resolve_groups_done(struct tevent_req *subreq) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +struct dp_reply_std *reply; +int ret; + +req = tevent_req_callback_data(subreq, struct tevent_req); +state = tev
[SSSD] [sssd PR#5829][comment] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Title: #5829: DP: Resolve intermediate groups prior to SR overlay justin-stephenson commented: """ https://bugzilla.redhat.com/show_bug.cgi?id=1968340 """ See the full comment at https://github.com/SSSD/sssd/pull/5829#issuecomment-945898763 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5829][opened] DP: Resolve intermediate groups prior to SR overlay
URL: https://github.com/SSSD/sssd/pull/5829 Author: justin-stephenson Title: #5829: DP: Resolve intermediate groups prior to SR overlay Action: opened PR body: """ SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5829/head:pr5829 git checkout pr5829 From 0f30d435bc7664e4d90b35e77b70d97bb0880530 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Thu, 7 Oct 2021 00:37:25 + Subject: [PATCH] DP: Resolve intermediate groups prior to SR overlay SSSD SR exclude_groups checking can fail when only intermediate groups are fetched during the login process. Add a step to resolve these groups during Initgroups processing to ensure the exclude groups check matches against the group name correctly. This logic exists already similarly in the simple access provider. --- src/providers/data_provider/dp_target_id.c | 261 - 1 file changed, 255 insertions(+), 6 deletions(-) diff --git a/src/providers/data_provider/dp_target_id.c b/src/providers/data_provider/dp_target_id.c index a71cdf65c6..8790367198 100644 --- a/src/providers/data_provider/dp_target_id.c +++ b/src/providers/data_provider/dp_target_id.c @@ -448,10 +448,233 @@ static void dp_req_initgr_pp_set_initgr_timestamp(struct dp_initgr_ctx *ctx, } } + +struct dp_sr_resolve_groups_state { +struct data_provider *provider; +struct dp_initgr_ctx *initgroups_ctx; +struct dp_reply_std reply; + +uint32_t *resolve_gids; /* Groups needing resolution */ +int resolve_gnum; +int num_iter; +uint32_t gnum; +}; + +static errno_t dp_sr_resolve_groups_check(struct dp_sr_resolve_groups_state *state, + struct dp_initgr_ctx *initgr_ctx); +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req); +static void dp_sr_resolve_groups_done(struct tevent_req *subreq); + +struct tevent_req * +dp_sr_resolve_groups_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dp_reply_std reply, + struct data_provider *provider, + struct dp_initgr_ctx *initgr_ctx) +{ + +struct dp_sr_resolve_groups_state *state; +struct tevent_req *req; +int ret; + +req = tevent_req_create(mem_ctx, &state, struct dp_sr_resolve_groups_state); +if (req == NULL) { +DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n"); +return NULL; +} + +if (initgr_ctx->username == NULL) { +ret = EOK; +goto done; +} + + state->provider = provider; + state->initgroups_ctx = initgr_ctx; + state->reply = reply; + state->gnum = initgr_ctx->gnum; + +/* Check if group is intermediate(has gidNumber and isPosix == False) */ +state->resolve_gids = talloc_zero_array(state, uint32_t, initgr_ctx->gnum + 1); +if (state->resolve_gids == NULL) { +ret = ENOMEM; +goto done; +} + +ret = dp_sr_resolve_groups_check(state, initgr_ctx); +if (ret != EOK) { +DEBUG(SSSDBG_OP_FAILURE, "Failed checking groups to resolve\n"); +goto done; +} + + state->num_iter = 0; + ret = dp_sr_resolve_groups_next(req); + if (ret == EAGAIN) { +/* async processing */ +return req; + } + +done: +if (ret == EOK) { +tevent_req_done(req); +} else { +tevent_req_error(req, ret); +} +tevent_req_post(req, ev); + +return req; +} + +static errno_t dp_sr_resolve_groups_next(struct tevent_req *req) +{ +struct dp_sr_resolve_groups_state *state; +struct tevent_req *subreq; +struct dp_id_data *ar; +uint32_t gid; + +state = tevent_req_data(req, struct dp_sr_resolve_groups_state); + +if (state->num_iter >= state->resolve_gnum) { +return EOK; +} + +gid = state->resolve_gids[state->num_iter]; + +ar = talloc(state, struct dp_id_data); +if (!ar) { +return ENOMEM; +} + +ar->entry_type = BE_REQ_GROUP; +ar->filter_type = BE_FILTER_IDNUM; +ar->filter_value = talloc_asprintf(ar, "%llu", (unsigned long long) gid); +ar->domain = talloc_strdup(ar, state->initgroups_ctx->domain_info->name); +if (!ar->domain || !ar->filter_value) { +return ENOMEM; +} + +subreq = dp_req_send(state, state->provider, ar->domain, + "DP Resolve Group", 0, NULL, + DPT_ID, DPM_ACCOUNT_HANDLER, 0, ar, NULL); + if (!subreq) { +return ENOMEM; + } + +tevent_req_set_callback(subr
[SSSD] [sssd PR#5712][synchronized] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Author: justin-stephenson Title: #5712: Health and Support Analyzer - Add request log parsing utility Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5712/head:pr5712 git checkout pr5712 From 225f91087af3d0abb8d0c91811a8c1e305874a66 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 4 Aug 2021 14:57:55 + Subject: [PATCH 1/4] DP: Log offline warning for REQ_TRACE tracking This allows the sssctl analyze parsing tool to report if the backend was offline when the request came in to the data provider. --- src/providers/data_provider/dp_request.c | 4 1 file changed, 4 insertions(+) diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 077b361f3c..3cbd55c1ec 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -133,6 +133,10 @@ static errno_t dp_attach_req(struct dp_req *dp_req, SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. [%s CID #%u] Flags [%#.4x].", sender_name, cli_id, dp_flags); +if (be_is_offline(provider->be_ctx)) { +DEBUG(SSSDBG_TRACE_FUNC, "[CID #%u] Backend is offline! " \ + "Using cached data if available\n", cli_id); +} } else { SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. Flags [%#.4x].", From f67152712f30fef7abca494520ca32cacac03b55 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 1 Oct 2021 15:13:57 + Subject: [PATCH 2/4] Responder: Log client uid that started a request --- src/responder/common/responder_common.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 3207e26e6f..7e145aa9b2 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -640,9 +640,9 @@ static void accept_fd_handler(struct tevent_context *ev, rctx->client_id_num++; DEBUG(SSSDBG_TRACE_FUNC, - "Client [CID #%u][cmd %s][%p][%d] connected%s!\n", - rctx->client_id_num, cctx->cmd_line, cctx, cctx->cfd, - accept_ctx->is_private ? " to privileged pipe" : ""); + "Client [CID #%u][cmd %s][uid %u][%p][%d] connected%s!\n", + rctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds), + cctx, cctx->cfd, accept_ctx->is_private ? " to privileged pipe" : ""); return; } From 0a018653576715d8af13ec4eb6bc57791e1f2078 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 11 Jun 2021 11:04:59 -0400 Subject: [PATCH 3/4] TOOLS: Add sss_analyze utility Add log parsing tool which can be used to track requests across responder and backend logs. --- Makefile.am| 2 +- configure.ac | 1 + contrib/sssd.spec.in | 5 + src/tools/analyzer/Makefile.am | 16 ++ src/tools/analyzer/modules/__init__.py | 0 src/tools/analyzer/modules/request.py | 276 + src/tools/analyzer/source_files.py | 76 +++ src/tools/analyzer/source_journald.py | 47 + src/tools/analyzer/source_reader.py| 27 +++ src/tools/analyzer/sss_analyze.py | 27 +++ 10 files changed, 476 insertions(+), 1 deletion(-) create mode 100644 src/tools/analyzer/Makefile.am create mode 100644 src/tools/analyzer/modules/__init__.py create mode 100644 src/tools/analyzer/modules/request.py create mode 100644 src/tools/analyzer/source_files.py create mode 100644 src/tools/analyzer/source_journald.py create mode 100644 src/tools/analyzer/source_reader.py create mode 100755 src/tools/analyzer/sss_analyze.py diff --git a/Makefile.am b/Makefile.am index 6d84b082ec..c7c429965d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,7 +22,7 @@ SUBDIRS += src/man endif SUBDIRS += . src/tests/cwrap src/tests/intg src/tests/test_CA \ - src/tests/test_ECC_CA + src/tests/test_ECC_CA src/tools/analyzer # Some old versions of automake don't define builddir builddir ?= . diff --git a/configure.ac b/configure.ac index c5c3a903b0..c5193fa545 100644 --- a/configure.ac +++ b/configure.ac @@ -531,6 +531,7 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab src/doxy.config src/lib/sifp/sss_simpleifp.doxy src/config/setup.py src/systemtap/sssd.stp + src/tools/analyzer/Makefile src/config/SSSDConfig/__init__.py]) AC_CONFIG_FILES([sbus_generate.sh], [chmod +x sbus_genera
[SSSD] [sssd PR#5712][comment] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Title: #5712: Health and Support Analyzer - Add request log parsing utility justin-stephenson commented: """ > I look into Fedora python packaging guidelines and we can use > [py3_shebang_fix](https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/#py3_shebang_fix) > macro instead of --with-python-bin and autoconf. This looks like a cleaner > approach. > > After this change, I think we can push. Okay thanks, it is fixed now to use `%py3_shebang_fix` and I removed the python bin lines """ See the full comment at https://github.com/SSSD/sssd/pull/5712#issuecomment-940428058 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5712][synchronized] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Author: justin-stephenson Title: #5712: Health and Support Analyzer - Add request log parsing utility Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5712/head:pr5712 git checkout pr5712 From 225f91087af3d0abb8d0c91811a8c1e305874a66 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 4 Aug 2021 14:57:55 + Subject: [PATCH 1/4] DP: Log offline warning for REQ_TRACE tracking This allows the sssctl analyze parsing tool to report if the backend was offline when the request came in to the data provider. --- src/providers/data_provider/dp_request.c | 4 1 file changed, 4 insertions(+) diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 077b361f3c..3cbd55c1ec 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -133,6 +133,10 @@ static errno_t dp_attach_req(struct dp_req *dp_req, SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. [%s CID #%u] Flags [%#.4x].", sender_name, cli_id, dp_flags); +if (be_is_offline(provider->be_ctx)) { +DEBUG(SSSDBG_TRACE_FUNC, "[CID #%u] Backend is offline! " \ + "Using cached data if available\n", cli_id); +} } else { SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. Flags [%#.4x].", From f67152712f30fef7abca494520ca32cacac03b55 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 1 Oct 2021 15:13:57 + Subject: [PATCH 2/4] Responder: Log client uid that started a request --- src/responder/common/responder_common.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 3207e26e6f..7e145aa9b2 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -640,9 +640,9 @@ static void accept_fd_handler(struct tevent_context *ev, rctx->client_id_num++; DEBUG(SSSDBG_TRACE_FUNC, - "Client [CID #%u][cmd %s][%p][%d] connected%s!\n", - rctx->client_id_num, cctx->cmd_line, cctx, cctx->cfd, - accept_ctx->is_private ? " to privileged pipe" : ""); + "Client [CID #%u][cmd %s][uid %u][%p][%d] connected%s!\n", + rctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds), + cctx, cctx->cfd, accept_ctx->is_private ? " to privileged pipe" : ""); return; } From bc4dfa590c9dfb2836b32b67516535fcd8775996 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 11 Jun 2021 11:04:59 -0400 Subject: [PATCH 3/4] TOOLS: Add sss_analyze utility Add log parsing tool which can be used to track requests across responder and backend logs. --- Makefile.am| 2 +- configure.ac | 1 + contrib/sssd.spec.in | 5 + src/tools/analyzer/Makefile.am | 16 ++ src/tools/analyzer/modules/__init__.py | 0 src/tools/analyzer/modules/request.py | 276 + src/tools/analyzer/source_files.py | 76 +++ src/tools/analyzer/source_journald.py | 47 + src/tools/analyzer/source_reader.py| 27 +++ src/tools/analyzer/sss_analyze.py | 24 +++ 10 files changed, 473 insertions(+), 1 deletion(-) create mode 100644 src/tools/analyzer/Makefile.am create mode 100644 src/tools/analyzer/modules/__init__.py create mode 100644 src/tools/analyzer/modules/request.py create mode 100644 src/tools/analyzer/source_files.py create mode 100644 src/tools/analyzer/source_journald.py create mode 100644 src/tools/analyzer/source_reader.py create mode 100755 src/tools/analyzer/sss_analyze.py diff --git a/Makefile.am b/Makefile.am index 6d84b082ec..c7c429965d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,7 +22,7 @@ SUBDIRS += src/man endif SUBDIRS += . src/tests/cwrap src/tests/intg src/tests/test_CA \ - src/tests/test_ECC_CA + src/tests/test_ECC_CA src/tools/analyzer # Some old versions of automake don't define builddir builddir ?= . diff --git a/configure.ac b/configure.ac index c5c3a903b0..c5193fa545 100644 --- a/configure.ac +++ b/configure.ac @@ -531,6 +531,7 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab src/doxy.config src/lib/sifp/sss_simpleifp.doxy src/config/setup.py src/systemtap/sssd.stp + src/tools/analyzer/Makefile src/config/SSSDConfig/__init__.py]) AC_CONFIG_FILES([sbus_generate.sh], [chmod +x sbus_genera
[SSSD] [sssd PR#5762][comment] krb5: add support for idp:oauth2 challenge
URL: https://github.com/SSSD/sssd/pull/5762 Title: #5762: krb5: add support for idp:oauth2 challenge justin-stephenson commented: """ > I have no idea why the idp tests returs 99. It returns 0 locally. I do see the same error when running make check valgrind locally, I'll send you the log. """ See the full comment at https://github.com/SSSD/sssd/pull/5762#issuecomment-937927491 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5712][synchronized] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Author: justin-stephenson Title: #5712: Health and Support Analyzer - Add request log parsing utility Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5712/head:pr5712 git checkout pr5712 From 225f91087af3d0abb8d0c91811a8c1e305874a66 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 4 Aug 2021 14:57:55 + Subject: [PATCH 1/4] DP: Log offline warning for REQ_TRACE tracking This allows the sssctl analyze parsing tool to report if the backend was offline when the request came in to the data provider. --- src/providers/data_provider/dp_request.c | 4 1 file changed, 4 insertions(+) diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 077b361f3c..3cbd55c1ec 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -133,6 +133,10 @@ static errno_t dp_attach_req(struct dp_req *dp_req, SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. [%s CID #%u] Flags [%#.4x].", sender_name, cli_id, dp_flags); +if (be_is_offline(provider->be_ctx)) { +DEBUG(SSSDBG_TRACE_FUNC, "[CID #%u] Backend is offline! " \ + "Using cached data if available\n", cli_id); +} } else { SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. Flags [%#.4x].", From f67152712f30fef7abca494520ca32cacac03b55 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 1 Oct 2021 15:13:57 + Subject: [PATCH 2/4] Responder: Log client uid that started a request --- src/responder/common/responder_common.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 3207e26e6f..7e145aa9b2 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -640,9 +640,9 @@ static void accept_fd_handler(struct tevent_context *ev, rctx->client_id_num++; DEBUG(SSSDBG_TRACE_FUNC, - "Client [CID #%u][cmd %s][%p][%d] connected%s!\n", - rctx->client_id_num, cctx->cmd_line, cctx, cctx->cfd, - accept_ctx->is_private ? " to privileged pipe" : ""); + "Client [CID #%u][cmd %s][uid %u][%p][%d] connected%s!\n", + rctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds), + cctx, cctx->cfd, accept_ctx->is_private ? " to privileged pipe" : ""); return; } From 6c8ac8f182a16617cf7d7b7bc0dda34549ca536c Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 11 Jun 2021 11:04:59 -0400 Subject: [PATCH 3/4] TOOLS: Add sss_analyze utility Add log parsing tool which can be used to track requests across responder and backend logs. --- Makefile.am| 2 +- configure.ac | 3 + contrib/sssd.spec.in | 5 + src/conf_macros.m4 | 14 ++ src/tools/analyzer/Makefile.am | 16 ++ src/tools/analyzer/modules/__init__.py | 0 src/tools/analyzer/modules/request.py | 276 + src/tools/analyzer/source_files.py | 76 +++ src/tools/analyzer/source_journald.py | 47 + src/tools/analyzer/source_reader.py| 27 +++ src/tools/analyzer/sss_analyze.py.in | 24 +++ 11 files changed, 489 insertions(+), 1 deletion(-) create mode 100644 src/tools/analyzer/Makefile.am create mode 100644 src/tools/analyzer/modules/__init__.py create mode 100644 src/tools/analyzer/modules/request.py create mode 100644 src/tools/analyzer/source_files.py create mode 100644 src/tools/analyzer/source_journald.py create mode 100644 src/tools/analyzer/source_reader.py create mode 100755 src/tools/analyzer/sss_analyze.py.in diff --git a/Makefile.am b/Makefile.am index 6d84b082ec..c7c429965d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,7 +22,7 @@ SUBDIRS += src/man endif SUBDIRS += . src/tests/cwrap src/tests/intg src/tests/test_CA \ - src/tests/test_ECC_CA + src/tests/test_ECC_CA src/tools/analyzer # Some old versions of automake don't define builddir builddir ?= . diff --git a/configure.ac b/configure.ac index c5c3a903b0..2b1f5fc828 100644 --- a/configure.ac +++ b/configure.ac @@ -152,6 +152,7 @@ WITH_WINBIND_PLUGIN_PATH WITH_SELINUX WITH_NSCD WITH_IPA_GETKEYTAB +WITH_PYTHON_BIN WITH_SEMANAGE WITH_AD_GPO_DEFAULT WITH_GPO_CACHE_PATH @@ -531,6 +532,8 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab src/doxy.config src/lib/sifp/sss_simpleifp.doxy
[SSSD] [sssd PR#5712][comment] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Title: #5712: Health and Support Analyzer - Add request log parsing utility justin-stephenson commented: """ Latest push includes change to declare Reader as an abstract base class with required methods, source Files and Journald classes are subclassing Reader. """ See the full comment at https://github.com/SSSD/sssd/pull/5712#issuecomment-936600494 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5712][comment] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Title: #5712: Health and Support Analyzer - Add request log parsing utility justin-stephenson commented: """ Latest push includes change to declare Reader as an abstract base class with required methods, Files() and Journald() readers are subclassing Reader. """ See the full comment at https://github.com/SSSD/sssd/pull/5712#issuecomment-936600494 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5712][synchronized] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Author: justin-stephenson Title: #5712: Health and Support Analyzer - Add request log parsing utility Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5712/head:pr5712 git checkout pr5712 From 225f91087af3d0abb8d0c91811a8c1e305874a66 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 4 Aug 2021 14:57:55 + Subject: [PATCH 1/4] DP: Log offline warning for REQ_TRACE tracking This allows the sssctl analyze parsing tool to report if the backend was offline when the request came in to the data provider. --- src/providers/data_provider/dp_request.c | 4 1 file changed, 4 insertions(+) diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 077b361f3c..3cbd55c1ec 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -133,6 +133,10 @@ static errno_t dp_attach_req(struct dp_req *dp_req, SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. [%s CID #%u] Flags [%#.4x].", sender_name, cli_id, dp_flags); +if (be_is_offline(provider->be_ctx)) { +DEBUG(SSSDBG_TRACE_FUNC, "[CID #%u] Backend is offline! " \ + "Using cached data if available\n", cli_id); +} } else { SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. Flags [%#.4x].", From f67152712f30fef7abca494520ca32cacac03b55 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 1 Oct 2021 15:13:57 + Subject: [PATCH 2/4] Responder: Log client uid that started a request --- src/responder/common/responder_common.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 3207e26e6f..7e145aa9b2 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -640,9 +640,9 @@ static void accept_fd_handler(struct tevent_context *ev, rctx->client_id_num++; DEBUG(SSSDBG_TRACE_FUNC, - "Client [CID #%u][cmd %s][%p][%d] connected%s!\n", - rctx->client_id_num, cctx->cmd_line, cctx, cctx->cfd, - accept_ctx->is_private ? " to privileged pipe" : ""); + "Client [CID #%u][cmd %s][uid %u][%p][%d] connected%s!\n", + rctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds), + cctx, cctx->cfd, accept_ctx->is_private ? " to privileged pipe" : ""); return; } From 858d1ed9cacbb815ba23b24d4236257061681751 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 11 Jun 2021 11:04:59 -0400 Subject: [PATCH 3/4] TOOLS: Add sss_analyze utility Add log parsing tool which can be used to track requests across responder and backend logs. --- Makefile.am| 2 +- configure.ac | 3 + contrib/sssd.spec.in | 5 + src/conf_macros.m4 | 14 ++ src/tools/analyzer/Makefile.am | 16 ++ src/tools/analyzer/modules/__init__.py | 0 src/tools/analyzer/modules/request.py | 277 + src/tools/analyzer/source_files.py | 76 +++ src/tools/analyzer/source_journald.py | 47 + src/tools/analyzer/source_reader.py| 27 +++ src/tools/analyzer/sss_analyze.py.in | 24 +++ 11 files changed, 490 insertions(+), 1 deletion(-) create mode 100644 src/tools/analyzer/Makefile.am create mode 100644 src/tools/analyzer/modules/__init__.py create mode 100644 src/tools/analyzer/modules/request.py create mode 100644 src/tools/analyzer/source_files.py create mode 100644 src/tools/analyzer/source_journald.py create mode 100644 src/tools/analyzer/source_reader.py create mode 100755 src/tools/analyzer/sss_analyze.py.in diff --git a/Makefile.am b/Makefile.am index 6d84b082ec..c7c429965d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,7 +22,7 @@ SUBDIRS += src/man endif SUBDIRS += . src/tests/cwrap src/tests/intg src/tests/test_CA \ - src/tests/test_ECC_CA + src/tests/test_ECC_CA src/tools/analyzer # Some old versions of automake don't define builddir builddir ?= . diff --git a/configure.ac b/configure.ac index c5c3a903b0..2b1f5fc828 100644 --- a/configure.ac +++ b/configure.ac @@ -152,6 +152,7 @@ WITH_WINBIND_PLUGIN_PATH WITH_SELINUX WITH_NSCD WITH_IPA_GETKEYTAB +WITH_PYTHON_BIN WITH_SEMANAGE WITH_AD_GPO_DEFAULT WITH_GPO_CACHE_PATH @@ -531,6 +532,8 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab src/doxy.config src/lib/sifp/sss_simpleifp.doxy
[SSSD] [sssd PR#5712][comment] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Title: #5712: Health and Support Analyzer - Add request log parsing utility justin-stephenson commented: """ > Can't run: > > ``` > [pbrezina /dev/shm/sssd]$ sudo sssctl analyze > Traceback (most recent call last): > File "/usr/lib/python3.9/site-packages/sssd/sss_analyze.py", line 7, in > > from modules import request > File "/usr/lib/python3.9/site-packages/sssd/modules/request.py", line 78 > Return source lines which match any number of patterns >^ > SyntaxError: invalid syntax > Command '/usr/lib/python3.9/site-packages/sssd/sss_analyze.py' failed with [1] > ``` Fixed now, sorry. """ See the full comment at https://github.com/SSSD/sssd/pull/5712#issuecomment-936299262 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5712][synchronized] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Author: justin-stephenson Title: #5712: Health and Support Analyzer - Add request log parsing utility Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5712/head:pr5712 git checkout pr5712 From 225f91087af3d0abb8d0c91811a8c1e305874a66 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 4 Aug 2021 14:57:55 + Subject: [PATCH 1/4] DP: Log offline warning for REQ_TRACE tracking This allows the sssctl analyze parsing tool to report if the backend was offline when the request came in to the data provider. --- src/providers/data_provider/dp_request.c | 4 1 file changed, 4 insertions(+) diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 077b361f3c..3cbd55c1ec 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -133,6 +133,10 @@ static errno_t dp_attach_req(struct dp_req *dp_req, SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. [%s CID #%u] Flags [%#.4x].", sender_name, cli_id, dp_flags); +if (be_is_offline(provider->be_ctx)) { +DEBUG(SSSDBG_TRACE_FUNC, "[CID #%u] Backend is offline! " \ + "Using cached data if available\n", cli_id); +} } else { SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. Flags [%#.4x].", From f67152712f30fef7abca494520ca32cacac03b55 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 1 Oct 2021 15:13:57 + Subject: [PATCH 2/4] Responder: Log client uid that started a request --- src/responder/common/responder_common.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 3207e26e6f..7e145aa9b2 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -640,9 +640,9 @@ static void accept_fd_handler(struct tevent_context *ev, rctx->client_id_num++; DEBUG(SSSDBG_TRACE_FUNC, - "Client [CID #%u][cmd %s][%p][%d] connected%s!\n", - rctx->client_id_num, cctx->cmd_line, cctx, cctx->cfd, - accept_ctx->is_private ? " to privileged pipe" : ""); + "Client [CID #%u][cmd %s][uid %u][%p][%d] connected%s!\n", + rctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds), + cctx, cctx->cfd, accept_ctx->is_private ? " to privileged pipe" : ""); return; } From b24921db7588ebe5372a3f5419845ea869aeb034 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 11 Jun 2021 11:04:59 -0400 Subject: [PATCH 3/4] TOOLS: Add sss_analyze utility Add log parsing tool which can be used to track requests across responder and backend logs. --- Makefile.am| 2 +- configure.ac | 3 + contrib/sssd.spec.in | 5 + src/conf_macros.m4 | 14 ++ src/tools/analyzer/Makefile.am | 15 ++ src/tools/analyzer/modules/__init__.py | 0 src/tools/analyzer/modules/request.py | 278 + src/tools/analyzer/source_files.py | 79 +++ src/tools/analyzer/source_journald.py | 51 + src/tools/analyzer/sss_analyze.py.in | 24 +++ 10 files changed, 470 insertions(+), 1 deletion(-) create mode 100644 src/tools/analyzer/Makefile.am create mode 100644 src/tools/analyzer/modules/__init__.py create mode 100644 src/tools/analyzer/modules/request.py create mode 100644 src/tools/analyzer/source_files.py create mode 100644 src/tools/analyzer/source_journald.py create mode 100755 src/tools/analyzer/sss_analyze.py.in diff --git a/Makefile.am b/Makefile.am index 6d84b082ec..c7c429965d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,7 +22,7 @@ SUBDIRS += src/man endif SUBDIRS += . src/tests/cwrap src/tests/intg src/tests/test_CA \ - src/tests/test_ECC_CA + src/tests/test_ECC_CA src/tools/analyzer # Some old versions of automake don't define builddir builddir ?= . diff --git a/configure.ac b/configure.ac index c5c3a903b0..2b1f5fc828 100644 --- a/configure.ac +++ b/configure.ac @@ -152,6 +152,7 @@ WITH_WINBIND_PLUGIN_PATH WITH_SELINUX WITH_NSCD WITH_IPA_GETKEYTAB +WITH_PYTHON_BIN WITH_SEMANAGE WITH_AD_GPO_DEFAULT WITH_GPO_CACHE_PATH @@ -531,6 +532,8 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab src/doxy.config src/lib/sifp/sss_simpleifp.doxy src/config/setup.py src/systemtap/sssd.stp + src/tools/analyzer/Makefile +
[SSSD] [sssd PR#5712][comment] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Title: #5712: Health and Support Analyzer - Add request log parsing utility justin-stephenson commented: """ > Please add docstrings to the new python modules, classes and methods. The > comments describing method functionality should be included in docstrings > instead. Method parameters and returns should be described possibly with type > hints. Some python specific IDE like Pycharm Community can help with this > including overall python coding conventions (PEP-8). Thanks Jakub, I added docstrings as requested. """ See the full comment at https://github.com/SSSD/sssd/pull/5712#issuecomment-934688415 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5712][synchronized] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712 Author: justin-stephenson Title: #5712: Health and Support Analyzer - Add request log parsing utility Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5712/head:pr5712 git checkout pr5712 From 225f91087af3d0abb8d0c91811a8c1e305874a66 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Wed, 4 Aug 2021 14:57:55 + Subject: [PATCH 1/4] DP: Log offline warning for REQ_TRACE tracking This allows the sssctl analyze parsing tool to report if the backend was offline when the request came in to the data provider. --- src/providers/data_provider/dp_request.c | 4 1 file changed, 4 insertions(+) diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c index 077b361f3c..3cbd55c1ec 100644 --- a/src/providers/data_provider/dp_request.c +++ b/src/providers/data_provider/dp_request.c @@ -133,6 +133,10 @@ static errno_t dp_attach_req(struct dp_req *dp_req, SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. [%s CID #%u] Flags [%#.4x].", sender_name, cli_id, dp_flags); +if (be_is_offline(provider->be_ctx)) { +DEBUG(SSSDBG_TRACE_FUNC, "[CID #%u] Backend is offline! " \ + "Using cached data if available\n", cli_id); +} } else { SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name, "New request. Flags [%#.4x].", From f67152712f30fef7abca494520ca32cacac03b55 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 1 Oct 2021 15:13:57 + Subject: [PATCH 2/4] Responder: Log client uid that started a request --- src/responder/common/responder_common.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 3207e26e6f..7e145aa9b2 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -640,9 +640,9 @@ static void accept_fd_handler(struct tevent_context *ev, rctx->client_id_num++; DEBUG(SSSDBG_TRACE_FUNC, - "Client [CID #%u][cmd %s][%p][%d] connected%s!\n", - rctx->client_id_num, cctx->cmd_line, cctx, cctx->cfd, - accept_ctx->is_private ? " to privileged pipe" : ""); + "Client [CID #%u][cmd %s][uid %u][%p][%d] connected%s!\n", + rctx->client_id_num, cctx->cmd_line, cli_creds_get_uid(cctx->creds), + cctx, cctx->cfd, accept_ctx->is_private ? " to privileged pipe" : ""); return; } From 247df7ec8c57efcb0591baf408e1115d425e1785 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Fri, 11 Jun 2021 11:04:59 -0400 Subject: [PATCH 3/4] TOOLS: Add sss_analyze utility Add log parsing tool which can be used to track requests across responder and backend logs. --- Makefile.am| 2 +- configure.ac | 3 + contrib/sssd.spec.in | 5 + src/conf_macros.m4 | 14 ++ src/tools/analyzer/Makefile.am | 15 ++ src/tools/analyzer/modules/__init__.py | 0 src/tools/analyzer/modules/request.py | 279 + src/tools/analyzer/source_files.py | 79 +++ src/tools/analyzer/source_journald.py | 51 + src/tools/analyzer/sss_analyze.py.in | 24 +++ 10 files changed, 471 insertions(+), 1 deletion(-) create mode 100644 src/tools/analyzer/Makefile.am create mode 100644 src/tools/analyzer/modules/__init__.py create mode 100644 src/tools/analyzer/modules/request.py create mode 100644 src/tools/analyzer/source_files.py create mode 100644 src/tools/analyzer/source_journald.py create mode 100755 src/tools/analyzer/sss_analyze.py.in diff --git a/Makefile.am b/Makefile.am index 6d84b082ec..c7c429965d 100644 --- a/Makefile.am +++ b/Makefile.am @@ -22,7 +22,7 @@ SUBDIRS += src/man endif SUBDIRS += . src/tests/cwrap src/tests/intg src/tests/test_CA \ - src/tests/test_ECC_CA + src/tests/test_ECC_CA src/tools/analyzer # Some old versions of automake don't define builddir builddir ?= . diff --git a/configure.ac b/configure.ac index c5c3a903b0..2b1f5fc828 100644 --- a/configure.ac +++ b/configure.ac @@ -152,6 +152,7 @@ WITH_WINBIND_PLUGIN_PATH WITH_SELINUX WITH_NSCD WITH_IPA_GETKEYTAB +WITH_PYTHON_BIN WITH_SEMANAGE WITH_AD_GPO_DEFAULT WITH_GPO_CACHE_PATH @@ -531,6 +532,8 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab src/doxy.config src/lib/sifp/sss_simpleifp.doxy src/config/setup.py src/systemtap/sssd.stp + src/tools/analyzer/Makefile +
[SSSD] [sssd PR#5807][opened] KCM: Remove unneeded allocation
URL: https://github.com/SSSD/sssd/pull/5807 Author: justin-stephenson Title: #5807: KCM: Remove unneeded allocation Action: opened PR body: """ Memory is allocated later for the individual ccache when retrieved with secdb_get_cc() """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5807/head:pr5807 git checkout pr5807 From 8f01447d5b1fa1b2dfa6935d28d73752f67f4528 Mon Sep 17 00:00:00 2001 From: Justin Stephenson Date: Mon, 4 Oct 2021 16:15:05 -0400 Subject: [PATCH] KCM: Remove unneeded allocation Memory is allocated later for the individual ccache when retrieved with secdb_get_cc() --- src/responder/kcm/kcmsrv_ccache_secdb.c | 6 -- 1 file changed, 6 deletions(-) diff --git a/src/responder/kcm/kcmsrv_ccache_secdb.c b/src/responder/kcm/kcmsrv_ccache_secdb.c index 4631bfea09..b10e5c33c9 100644 --- a/src/responder/kcm/kcmsrv_ccache_secdb.c +++ b/src/responder/kcm/kcmsrv_ccache_secdb.c @@ -855,12 +855,6 @@ static errno_t ccdb_secdb_get_cc_for_uuid(TALLOC_CTX *mem_ctx, for (size_t i = 0; i < uuid_list_count; i++) { struct passwd *pwd; -cc_list[i] = talloc_zero(cc_list, struct kcm_ccache); -if (cc_list[i] == NULL) { -ret = ENOMEM; -goto done; -} - ret = split_on_separator(tmp_ctx, uuid_list[i], ':', true, true, &list, NULL); if (ret != EOK) { ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure