#3274 sssd-1-13 and earlier only: requests without the "fast" flag do not reconnect to the remote server

Created 9 months ago by jhrozek
Modified 7 months ago

The responders can send the 'fast' flag along with their request. When this request is set and the responder is offline, the provider just responds with ERR_OFFLINE. However, when the flag is unset, which is what the PAM responder does, the provider should reconnect.

Ideally, the fast flag should be just checked by the Data Provider (which is what's done already), but right now the individual requests also have their own checks that shortcut the request while offline anyway such as:

    if (be_is_offline(ctx->be)) {
        DEBUG(SSSDBG_CONF_SETTINGS,
              "Backend is marked offline, retry later!\n");
        pd->pam_status = PAM_AUTHINFO_UNAVAIL;
        dp_err = DP_ERR_OFFLINE;
        goto done;
    }

This is not how sssd-1-14 or master behaves, since we refactored the DP in sssd-1-14, these extra checks are gone.

The question is, whether we want to remove the extra checks in sssd-1-13 (LTM).

This is a minor issue for the next 1.13 release

milestone: NEEDS_TRIAGE => SSSD 1.13.5
priority: major => minor

7 months ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 1.13.5

Login to comment on this ticket.

defect

SSSD

1.14.2

0

0

https://bugzilla.redhat.com/show_bug.cgi?id=1401546

0

0

0

0

cancel