Improve docs/debug message about GC detection

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> (cherry picked from commit 3115154117) (cherry picked from commit 8ac548e27d)
2018-04-27 21:52:39 +02:00 · 2018-04-27 21:52:39 +02:00 · 0caad9889d
commit 0caad9889d
parent 2c6ba2bf2b
3 changed files with 79 additions and 0 deletions
--- a/0033-SDAP-Improve-a-DEBUG-message-about-GC-detection.patch
+++ b/0033-SDAP-Improve-a-DEBUG-message-about-GC-detection.patch
@ -0,0 +1,42 @@
+From ac1636acadcf8e799a93d799140e8ff2d533f313 Mon Sep 17 00:00:00 2001
+From: Jakub Hrozek <jhrozek@redhat.com>
+Date: Tue, 23 Jan 2018 11:23:37 +0100
+Subject: [PATCH] SDAP: Improve a DEBUG message about GC detection
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+It was not entirely clear what the message means. We should improve the
+debug message to make it clear that all or none attributes should be
+replicated to the Global Catalog.
+
+This patch can be reverted once we fix
+https://pagure.io/SSSD/sssd/issue/3538 and only use the GC to look up
+the entry DN, not the entry itself.
+
+Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
+(cherry picked from commit 2d43eaf43540c375d39c5e1c2482595e919fb4df)
+---
+ src/providers/ldap/sdap_async.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
+index 76cfce207..1e77b1c3c 100644
+--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
+@@ -2720,7 +2720,11 @@ static void sdap_gc_posix_check_done(struct tevent_req *subreq)
+ 
+     /* Positive hit is definitive, no need to search other bases */
+     if (state->has_posix == true) {
+-        DEBUG(SSSDBG_FUNC_DATA, "Server has POSIX attributes\n");
+        DEBUG(SSSDBG_FUNC_DATA, "Server has POSIX attributes. Global Catalog will "
+                                "be used for user and group lookups. Note that if "
+                                "only a subset of POSIX attributes is present "
+                                "in GC, the non-replicated attributes are "
+                                "currently not read from the LDAP port\n");
+         tevent_req_done(req);
+         return;
+     }
+-- 
+2.14.3
+
--- a/0034-MAN-Improve-docs-about-GC-detection.patch
+++ b/0034-MAN-Improve-docs-about-GC-detection.patch
@ -0,0 +1,34 @@
+From 1438765a294161b9b636e01ed86bc52c540183d3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fidencio@redhat.com>
+Date: Thu, 12 Apr 2018 10:38:42 +0200
+Subject: [PATCH] MAN: Improve docs about GC detection
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Add the same note we have as part of our debug to the sssd-ad manual.
+
+Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
+Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
+(cherry picked from commit 4ab8734cc45fab2d1a0e690b566da1bda63df76c)
+---
+ src/man/sssd-ad.5.xml | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml
+index be2593dca..f43c7fcf4 100644
+--- a/src/man/sssd-ad.5.xml
+++ b/src/man/sssd-ad.5.xml
+@@ -100,6 +100,9 @@ ldap_id_mapping = False
+             domains in the forest sequentially. Please note that the
+             <quote>cache_first</quote> option might be also helpful in
+             speeding up domainless searches.
+            Note that if only a subset of POSIX attributes is present in
+            the Global Catalog, the non-replicated attributes are currently
+            not read from the LDAP port.
+         </para>
+         <para>
+             Users, groups and other entities served by SSSD are always treated as
+-- 
+2.14.3
+
--- a/sssd.spec
+++ b/sssd.spec
@ -75,6 +75,8 @@ Patch0029: 0029-nss-add-a-netgroup-counter-to-struct-nss_enum_index.patch
 Patch0030: 0030-sssctl-Showing-help-even-when-sssd-not-configured.patch
 Patch0031: 0031-sssctl-move-check-for-version-error-to-correct-place.patch
 Patch0032: 0032-MAN-Add-sss-certmap-man-page-regarding-priority-proc.patch
+Patch0033: 0033-SDAP-Improve-a-DEBUG-message-about-GC-detection.patch
+Patch0034: 0034-MAN-Improve-docs-about-GC-detection.patch

 Patch0502: 0502-SYSTEMD-Use-capabilities.patch
 Patch0503: 0503-Disable-stopping-idle-socket-activated-responders.patch
@ -1291,6 +1293,7 @@ fi
                            configured
 - Resolves: upstream#3469 - extend sss-certmap man page regarding priority
                            processing
+- Improve docs/debug message about GC detection

 * Fri Mar 30 2018 Fabiano Fidêncio <fidencio@fedoraproject.org> - 1.16.1-2
 - Resolves: upstream#3573 - sssd won't show netgroups with blank domain