Hi,

to reproduce the netgroups failure:
    * getent netgroup testngr # to verify the netgroup is there
    * sss_cache -E
    * pkill -USR1 sssd # make sssd go offline
    * getent netgroup testngr 

to reproduce the autofs maps failure:
    * automount -m      # to verify the maps are there
    * pkill -USR1 sssd  # make sssd go offline
    * automount -m      # to verify the maps are there

Before the patches, neither offline lookup would return the expected
results. Both lookups should return results with the patches.
>From 529474153cdb4db3211cd7e1905e5a554f30e3d8 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Thu, 4 Aug 2016 17:58:32 +0200
Subject: [PATCH 1/2] AUTOFS: Fix offline resolution of autofs maps

https://fedorahosted.org/sssd/ticket/3080

If talking to the Data Provider failed, we never re-tried looking into
the cache. We should consult the cache on DP failures and return cached
results, if possible.
---
 src/responder/autofs/autofssrv_cmd.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/responder/autofs/autofssrv_cmd.c 
b/src/responder/autofs/autofssrv_cmd.c
index 
9666ab2d195a581f18eaa7ff9bbc4c8167a71b15..f5aa25a483c3b3352f40e8cc66dfd3a24a60af0d
 100644
--- a/src/responder/autofs/autofssrv_cmd.c
+++ b/src/responder/autofs/autofssrv_cmd.c
@@ -871,17 +871,25 @@ static void lookup_automntmap_cache_updated(uint16_t 
err_maj, uint32_t err_min,
     if (err_maj) {
         DEBUG(SSSDBG_CRIT_FAILURE,
               "Unable to get information from Data Provider\n"
-               "Error: %u, %u, %s\n"
-               "Will try to return what we have in cache\n",
+              "Error: %u, %u, %s\n"
+              "Will try to return what we have in cache\n",
                (unsigned int)err_maj, (unsigned int)err_min, err_msg);
-        /* Loop to the next domain if possible */
+
+        /* Try to fall back to cache */
+        ret = lookup_automntmap_step(lookup_ctx);
+        if (ret == EOK) {
+            /* We have cached results to return */
+            autofs_setent_notify(lookup_ctx->map, ret);
+            return;
+        }
+
+        /* Otherwise try the next domain */
         if (dctx->cmd_ctx->check_next
                 && (dctx->domain = get_next_domain(dctx->domain, 0))) {
             dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider);
         }
     }
 
-    /* ok the backend returned, search to see if we have updated results */
     ret = lookup_automntmap_step(lookup_ctx);
     if (ret != EOK) {
         if (ret == EAGAIN) {
-- 
2.4.11

>From 4ec429e611a85013fd548a83dd0f3c89d7ef1c96 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Thu, 4 Aug 2016 17:58:47 +0200
Subject: [PATCH 2/2] NSS: Fix offline resolution of netgroups

https://fedorahosted.org/sssd/ticket/3123

If talking to the Data Provider failed, we never re-tried looking into
the cache. We should consult the cache on DP failures and return cached
results, if possible.
---
 src/responder/nss/nsssrv_netgroup.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/responder/nss/nsssrv_netgroup.c 
b/src/responder/nss/nsssrv_netgroup.c
index 
e42976b245952291cd1eb36480138514e3d4ec09..37041788499c510f14c963076dbc20d554c7e2e7
 100644
--- a/src/responder/nss/nsssrv_netgroup.c
+++ b/src/responder/nss/nsssrv_netgroup.c
@@ -674,6 +674,14 @@ static void lookup_netgr_dp_callback(uint16_t err_maj, 
uint32_t err_min,
                   "Error: %u, %u, %s\n"
                   "Will try to return what we have in cache\n",
                   (unsigned int)err_maj, (unsigned int)err_min, err_msg);
+
+        /* Try to fall back to cache */
+        ret = lookup_netgr_step(step_ctx);
+        if (ret == EOK) {
+            /* We have cached results to return */
+            nss_setent_notify_done(dctx->netgr);
+        }
+
         /* Loop to the next domain if possible */
         if (cmdctx->check_next
                 && (dctx->domain = get_next_domain(dctx->domain, 0))) {
-- 
2.4.11

_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org

Reply via email to