Learn more about these different git repos.
Other Git URLs
There is a logic bug in the LDAP GSSAPI auth code. When the child times out, the sdap_kinit_ tevent request does not retry another KDC.
Also, when the request result is retrieved with sdap_kinit_recv, the LDAP server is marked as down, which is wrong, the kinit request only talks to KDC and its result shouldn't change the status of the LDAP server.
 Child timeout is the only really probable way the child tevent request can end with an error. The other reasons include OOM situations, child fork/exec failing. If the child operation itself fails (i.e. the keytab is wrong), the request ends with EOK and extended error information is returned in a separate variable.
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=817073 (Red Hat Enterprise Linux 5)
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=817073 817073]
owner: somebody => jhrozek
status: new => assigned
patch: 0 => 1
- 163a17f (master)
- b13da92 (sssd-1-8)
component: SSSD => LDAP Provider
milestone: NEEDS_TRIAGE => SSSD 1.8.4 (LTM)
resolution: => fixed
status: assigned => closed
Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.8.4 (LTM)
SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here:
If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
to comment on this ticket.