Learn more about these different git repos.
Other Git URLs
When running a domain configured to use LDAP for ID and Kerberos for auth, the signal handler for SIGCHLD is always called twice.
This is because in sssm_ldap_id_init() and sssm_krb5_id_init() we create a new SIGCHLD handler for each provider type. Tevent does not REPLACE signal handlers, it simply sets up two callbacks for it. The result is that every time an authentication is done, the DEBUG logs show a failure at log level 1 that waitpid() could not be completed.
Unfortunately, since the callbacks are set up by tevent at the moment that the signal is handled, each callback is invoked with exactly the same options.
What we probably need to do is have this signal handler set up by a helper routine (e.g. child_handler_setup()) that will keep track of whether it has been set up previously.
Wouldn't it be more correct to remove the signal handler once it has fired and just silently ignore if the pid doesn't matches the shild we were waiting for ?
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.2
The correct approach here was (as Simo described), to set up a different signal handler for each PID being tracked. This also allowed us to report back the return code of the executable.
Fixed by 9967a29
resolution: => fixed status: new => closed
resolution: fixed => status: closed => reopened
fixedin: => 1.2.0 owner: sbose => sgallagh status: reopened => new
rhbz: => 0
Metadata Update from @sgallagh: - Issue assigned to sgallagh - Issue set to the milestone: SSSD 1.2.0
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1502
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.