diff --git a/0016-BE_REFRESH-Do-not-try-to-refresh-domains-from-other-.patch b/0016-BE_REFRESH-Do-not-try-to-refresh-domains-from-other-.patch new file mode 100644 index 0000000..d470f4e --- /dev/null +++ b/0016-BE_REFRESH-Do-not-try-to-refresh-domains-from-other-.patch @@ -0,0 +1,36 @@ +From 007d5b79b7aef67dd843ed9a3b65095faaeb580f Mon Sep 17 00:00:00 2001 +From: Lukas Slebodnik +Date: Wed, 22 Jan 2020 09:43:21 +0000 +Subject: [PATCH] BE_REFRESH: Do not try to refresh domains from other backends + +We cannot refresh domains from different sssd_be processes. +We can refresh just subdomains + +Resolves: +https://pagure.io/SSSD/sssd/issue/4142 + +Merges: https://pagure.io/SSSD/sssd/pull-request/4139 + +Reviewed-by: Sumit Bose +--- + src/providers/be_refresh.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/providers/be_refresh.c b/src/providers/be_refresh.c +index 6cce38390..5e43571ce 100644 +--- a/src/providers/be_refresh.c ++++ b/src/providers/be_refresh.c +@@ -385,6 +385,10 @@ static errno_t be_refresh_step(struct tevent_req *req) + if (state->index == BE_REFRESH_TYPE_SENTINEL) { + state->domain = get_next_domain(state->domain, + SSS_GND_DESCEND); ++ /* we can update just subdomains */ ++ if (state->domain != NULL && !IS_SUBDOMAIN(state->domain)) { ++ break; ++ } + state->index = 0; + continue; + } +-- +2.20.1 + diff --git a/sssd.spec b/sssd.spec index 1856574..52f0844 100644 --- a/sssd.spec +++ b/sssd.spec @@ -36,7 +36,7 @@ Name: sssd Version: 2.2.3 -Release: 9%{?dist} +Release: 10%{?dist} Summary: System Security Services Daemon License: GPLv3+ URL: https://pagure.io/SSSD/sssd/ @@ -58,6 +58,7 @@ Patch0012: 0012-ad-allow-booleans-for-ad_inherit_opts_if_needed.patch Patch0013: 0013-ad-add-ad_use_ldaps.patch Patch0014: 0014-ldap-add-new-option-ldap_sasl_maxssf.patch Patch0015: 0015-ad-set-min-and-max-ssf-for-ldaps.patch +Patch0016: 0016-BE_REFRESH-Do-not-try-to-refresh-domains-from-other-.patch ### Downstream only patches ### Patch0502: 0502-SYSTEMD-Use-capabilities.patch @@ -1086,6 +1087,9 @@ fi %{_libdir}/%{name}/modules/libwbclient.so %changelog +* Wed Feb 26 2020 Michal Židek - 2.2.3-10 +- Resolves: upstream#4142 - sssd_be frequent crash + * Wed Feb 26 2020 Michal Židek - 2.2.3-9 - Resolves: upstream#4131 Force LDAPS over 636 with AD Provider