Learn more about these different git repos.
Other Git URLs
In large IPA environments where a high number of sudo commands and command groups are used, retrieval of sudo data can lead to SSSD constructing an overly large search filter which is not handled well on the ns-slapd side.
[sssd[be[example.com]]] [ipa_sudo_fetch_cmds] (0x0400): About to fetch sudo commands [sssd[be[example.com]]] [sdap_search_bases_ex_next_base] (0x0400): Issuing LDAP lookup with base [cn=sudo,dc=example,dc=com] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(objectClass=ipasudocmd)(|(ipaUniqueID=5cbdcd46-25b4-11e7-848f-005056903d23)(ipaUniqueID=3196e868-cc10-11e5-910c-005056af6b59)(ipaUniqueID=3b73dd06-719c-11e5-a20d-005056af6c53)(ipaUniqueID=f88b04be-719c-11e5-8589-005056af6c53)(ipaUniqueID=609e4a12-719c-11e5-bfe7-005056af6c53)(ipaUniqueID=a24a0712-719c-11e5-bfe7-005056af6c53)(ipaUniqueID=c8dcdef4-719c-11e5-9013-005056af6c53)(ipaUniqueID=b6374b40-719c-11e5-b580-005056af6c53)(ipaUniqueID=5e1e137a-719d-11e5-9491-005056af6c53)(ipaUniqueID=f1a3814e-719c-11e5-88b1-005056af6c53)(ipaUniqueID=08da87aa-719c-11e5-9013-005056af6c53)(ipaUniqueID=98a2b064-719d-11e5-84e8-005056af6c53)(ipaUniqueID=99a7efb0-719d-11e5-bd5c-005056af6c53)(ipaUniqueID=1cd4519c-016f-11e6-9238-005056905903)(ipaUniqueID=86e0e5ae-719c-11e5-b298-005056af6c53)(ipaUniqueID=403bb138-719c-11e5-9538-005056af6c53)(ipaUniqueID=ebfa80e2-ccd3-11e6-aac6-005056b8755d)(ipaUniqueID=a7e19a40-719d-11e5-a20d-005056af6c53)
...
and so on for every IPA sudo command applicable to the host
Metadata Update from @jstephen: - Issue assigned to jstephen
Metadata Update from @jstephen: - Custom field rhbz adjusted to 1486786
Metadata Update from @jstephen: - Issue tagged with: PR
https://github.com/SSSD/sssd/pull/374
I might be wrong but is it a duplicate of https://pagure.io/SSSD/sssd/issue/3478?
@lslebodn very similar but this issue relates to sudo commands and command groups in the IPA provider, not rules retrieved in the sudo rules refresh code.
Metadata Update from @jhrozek: - Custom field rhbz adjusted to 1486786, https://bugzilla.redhat.com/show_bug.cgi?id=1486786 (was: 1486786)
Issue linked to Bugzilla: Bug 1486786
temporarily filing into 1.16.0 because I don't want to grow the 1.15.x milestone even more. But of course if the PR is reviewed sooner (and pbrezina should be on it) than 1.15.4 is released, I'll move the ticekt.
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.16.0
Metadata Update from @jhrozek: - Issue priority set to: major
master:
Metadata Update from @lslebodn: - Issue close_status updated to: Fixed - Issue set to the milestone: SSSD 1.15.4 (was: SSSD 1.16.0) - Issue status updated to: Closed (was: Open)
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 1.16.0 (was: SSSD 1.15.4)
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4533
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.