Ticket #734 (closed defect: fixed)

Opened 3 years ago

Last modified 20 months ago

on reconnect we need to detect that a ipa/ds server has been reinitialized

Reported by: simo Owned by: pbrezina
Priority: blocker Milestone: SSSD 1.9.0 beta 7
Component: SSSD Version: 1.4.1
Keywords: Cc:
Blocked By: Blocking:
Tests Updated: no Coverity Bug:
Patch Submitted: yes Red Hat Bugzilla: 785877
Design link:
Feature Milestone:
Design review: Fedora test page:
Chosen: Candidate to push out:
Release Notes:

Description

When a DS replica is reinitialized the USNs are reset to 0 for all imported entries, and the counter is also reset to 0. When connecting to the same server therefore it is not sufficient to check the name we also need to verify that the highest USN value of the server is not lower than what we have recorded. If so we need to reset the enumeration counters just like if we were connecting to a new server.

Change History

comment:1 Changed 3 years ago by sgallagh

  • Milestone changed from NEEDS_TRIAGE to SSSD 1.6.0

comment:2 Changed 3 years ago by dpal

  • Owner changed from somebody to jzeleny
  • upgrade set to 0

comment:3 Changed 3 years ago by jzeleny

  • Status changed from new to assigned

comment:4 Changed 3 years ago by jzeleny

  • Status changed from assigned to closed
  • Patch Submitted unset
  • Resolution set to fixed

comment:5 Changed 2 years ago by sgallagh

  • Red Hat Bugzilla set to [https://bugzilla.redhat.com/show_bug.cgi?id=785877 785877]

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=785877

comment:6 Changed 2 years ago by sgallagh

  • Status changed from closed to reopened
  • Milestone changed from SSSD 1.6.0 to NEEDS_TRIAGE
  • Resolution fixed deleted

Reopening this bug. It appears to be broken on 1.8.0. See https://bugzilla.redhat.com/show_bug.cgi?id=785877

comment:7 Changed 2 years ago by dpal

  • Priority changed from critical to blocker
  • Milestone changed from NEEDS_TRIAGE to SSSD 1.10.0

comment:8 Changed 22 months ago by jzeleny

As it was described in the BZ, the issue now is a bit different than the original request stated. Now the SSSD correctly detects that remote DS has be re-initialized but it doesn't delete the old data, it just fetches a whole bunch of new data. However that's a problem of enumeration in general, it doesn't delete records that are in the cache but no longer on the server.

The best solution in context of this ticket is to delete all records of given type with entryUSN higher than lastUSN retrieved from the server. More generic solution would be to check for all entries that have expired as well.

comment:9 Changed 22 months ago by sgallagh

  • Milestone changed from SSSD 1.10.0 to SSSD 1.9.0

comment:10 Changed 21 months ago by pbrezina

  • Owner changed from jzeleny to pbrezina
  • Status changed from reopened to new

comment:11 Changed 21 months ago by dpal

  • Milestone changed from SSSD 1.9.0 to SSSD 1.9.0 RC1

comment:12 Changed 21 months ago by pbrezina

  • Patch Submitted set

comment:13 Changed 20 months ago by jhrozek

  • Status changed from new to closed
  • proposed_priority set to Undefined
  • Resolution set to fixed
Note: See TracTickets for help on using tickets.