#2912 refresh_expired_interval stops sss_cache from working
Closed: Fixed None Opened 4 years ago by pbrezina.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1295883

Description of problem:
Enabling 'refresh_expired_interval' in the domain/LDAP section stops calls to
sss_cache from expiring data.

Version-Release number of selected component (if applicable):
sssd-1.12.4-47.el6_7.4.x86_64

How reproducible:
Everytime

Steps to Reproduce:
1. Setup sssd.conf against an ldap server.
2. Add 'refresh_expired_interval = 1234' to the [domain/LDAP] section
3. Query a netgroup
# getent netgroup testgroup
testgroup ( ,user1,) ( ,user2,) ( ,user3,)
4. Modify the group external to remove user3
5. Call sss_cache to expire the group
# sss_cache -n testgroup
6. Verify netgroup
# getent netgroup testgroup
testgroup ( ,user1,) ( ,user2,) ( ,user3,)

For this step I'm also watching the sssd_LDAP.log with debug=9. Following is
the output during steps 4/5

(Tue Jan  5 16:59:38 2016) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): dbus
conn: 0x1477920
(Tue Jan  5 16:59:38 2016) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000):
Dispatching.
(Tue Jan  5 16:59:38 2016) [sssd[be[LDAP]]] [sbus_message_handler] (0x4000):
Received SBUS method [rotateLogs]
(Tue Jan  5 16:59:38 2016) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Tue Jan  5 16:59:38 2016) [sssd[be[LDAP]]] [sbus_handler_got_caller_id]
(0x4000): Received SBUS method [rotateLogs]
(Tue Jan  5 16:59:39 2016) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000): dbus
conn: 0x1477920
(Tue Jan  5 16:59:39 2016) [sssd[be[LDAP]]] [sbus_dispatch] (0x4000):
Dispatching.
(Tue Jan  5 16:59:39 2016) [sssd[be[LDAP]]] [sbus_message_handler] (0x4000):
Received SBUS method [ping]
(Tue Jan  5 16:59:39 2016) [sssd[be[LDAP]]] [sbus_get_sender_id_send] (0x2000):
Not a sysbus message, quit
(Tue Jan  5 16:59:39 2016) [sssd[be[LDAP]]] [sbus_handler_got_caller_id]
(0x4000): Received SBUS method [ping]

Without 'refresh_expired_interval' set you can see if going off to the ldap
server and re-caching results on the getent query and it returns the results
correctly.

The changelog for 1.12.5 does list some enhancements for
'refresh_expired_interval' so perhaps it is fixed there, but I don't have a
Fedora system to test on.

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
milestone: NEEDS_TRIAGE => SSSD 1.13.4
owner: somebody => mzidek
review: True => 0
selected: =>
testsupdated: => 0

Bumping priority, this is an important ticket for our downstream.

priority: major => critical

Fields changed

patch: 0 => 1

Fields changed

resolution: => fixed
status: new => closed

Metadata Update from @pbrezina:
- Issue assigned to mzidek
- Issue set to the milestone: SSSD 1.13.4

3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3953

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata