Hi, to reproduce the netgroups failure: * getent netgroup testngr # to verify the netgroup is there * sss_cache -E * pkill -USR1 sssd # make sssd go offline * getent netgroup testngr
to reproduce the autofs maps failure: * automount -m # to verify the maps are there * pkill -USR1 sssd # make sssd go offline * automount -m # to verify the maps are there Before the patches, neither offline lookup would return the expected results. Both lookups should return results with the patches.
>From 529474153cdb4db3211cd7e1905e5a554f30e3d8 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Thu, 4 Aug 2016 17:58:32 +0200 Subject: [PATCH 1/2] AUTOFS: Fix offline resolution of autofs maps https://fedorahosted.org/sssd/ticket/3080 If talking to the Data Provider failed, we never re-tried looking into the cache. We should consult the cache on DP failures and return cached results, if possible. --- src/responder/autofs/autofssrv_cmd.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/src/responder/autofs/autofssrv_cmd.c b/src/responder/autofs/autofssrv_cmd.c index 9666ab2d195a581f18eaa7ff9bbc4c8167a71b15..f5aa25a483c3b3352f40e8cc66dfd3a24a60af0d 100644 --- a/src/responder/autofs/autofssrv_cmd.c +++ b/src/responder/autofs/autofssrv_cmd.c @@ -871,17 +871,25 @@ static void lookup_automntmap_cache_updated(uint16_t err_maj, uint32_t err_min, if (err_maj) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get information from Data Provider\n" - "Error: %u, %u, %s\n" - "Will try to return what we have in cache\n", + "Error: %u, %u, %s\n" + "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); - /* Loop to the next domain if possible */ + + /* Try to fall back to cache */ + ret = lookup_automntmap_step(lookup_ctx); + if (ret == EOK) { + /* We have cached results to return */ + autofs_setent_notify(lookup_ctx->map, ret); + return; + } + + /* Otherwise try the next domain */ if (dctx->cmd_ctx->check_next && (dctx->domain = get_next_domain(dctx->domain, 0))) { dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); } } - /* ok the backend returned, search to see if we have updated results */ ret = lookup_automntmap_step(lookup_ctx); if (ret != EOK) { if (ret == EAGAIN) { -- 2.4.11
>From 4ec429e611a85013fd548a83dd0f3c89d7ef1c96 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Thu, 4 Aug 2016 17:58:47 +0200 Subject: [PATCH 2/2] NSS: Fix offline resolution of netgroups https://fedorahosted.org/sssd/ticket/3123 If talking to the Data Provider failed, we never re-tried looking into the cache. We should consult the cache on DP failures and return cached results, if possible. --- src/responder/nss/nsssrv_netgroup.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c index e42976b245952291cd1eb36480138514e3d4ec09..37041788499c510f14c963076dbc20d554c7e2e7 100644 --- a/src/responder/nss/nsssrv_netgroup.c +++ b/src/responder/nss/nsssrv_netgroup.c @@ -674,6 +674,14 @@ static void lookup_netgr_dp_callback(uint16_t err_maj, uint32_t err_min, "Error: %u, %u, %s\n" "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); + + /* Try to fall back to cache */ + ret = lookup_netgr_step(step_ctx); + if (ret == EOK) { + /* We have cached results to return */ + nss_setent_notify_done(dctx->netgr); + } + /* Loop to the next domain if possible */ if (cmdctx->check_next && (dctx->domain = get_next_domain(dctx->domain, 0))) { -- 2.4.11
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org