On Thu, Oct 17, 2013 at 10:59:47AM +0200, Pavel Březina wrote: > https://fedorahosted.org/sssd/ticket/2092
> From d363ac390df58435a8cf83098a1407689f1f5db4 Mon Sep 17 00:00:00 2001 > From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <[email protected]> > Date: Thu, 17 Oct 2013 10:20:56 +0200 > Subject: [PATCH] nss: wait for initial subdomains request to finish > > AD provider downloads domain information and initalizes ID mapping > during subdomains request. This information is necessary to lookup > objects without POSIX attributes. > > We need to make sure that we postpone all responder requests until > ID mapping is initialized in the provider. > > Resolves: > https://fedorahosted.org/sssd/ticket/2092 I haven't tested the patch yet, but I think it is a good solution for the present issue although it might lead to some additional cycles for environments without subdomains. I wonder if a more general solution to the issue would be to let the backend only send a response to a DP_METHOD_REGISTER request if the backend is fully initialized? Currently the response is send immediately. I think this change is out of scope for 1.11 but if you agree I can open a ticket with this suggestion and a hint to remove this patch if it is implemented? bye, Sumit > --- > src/responder/nss/nsssrv_cmd.c | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > > diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c > index > 7220e3a35a4b97b3425ff88dbd8e08b7afdaa9c8..d37b4707cb734375011650632bca6d429042038c > 100644 > --- a/src/responder/nss/nsssrv_cmd.c > +++ b/src/responder/nss/nsssrv_cmd.c > @@ -1039,6 +1039,20 @@ static int nss_cmd_getbynam(enum sss_cli_command cmd, > struct cli_ctx *cctx) > DEBUG(SSSDBG_TRACE_FUNC, ("Running command [%d] with input [%s].\n", > dctx->cmdctx->cmd, rawname)); > > + /* We need to attach to subdomain request, if the first one is not > + * finished yet. We may not be able to lookup object in AD otherwise. */ > + if (cctx->rctx->get_domains_last_call.tv_sec == 0) { > + req = sss_dp_get_domains_send(cctx->rctx, cctx->rctx, true, NULL); > + if (req == NULL) { > + ret = ENOMEM; > + } else { > + dctx->rawname = rawname; > + tevent_req_set_callback(req, nss_cmd_getbynam_done, dctx); > + ret = EAGAIN; > + } > + goto done; > + } > + > domname = NULL; > ret = sss_parse_name_for_domains(cmdctx, cctx->rctx->domains, > cctx->rctx->default_domain, rawname, > -- > 1.7.11.7 > > _______________________________________________ > sssd-devel mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/sssd-devel _______________________________________________ sssd-devel mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
