Bug#951769: buster-pu: package sssd/1.16.3-3.1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
Hi,
we’d like to fix #946847 in buster (which is where we found it in
production and tested a fix locally, which was later discovered to
be identical to a recent upstream fix) because it’s a denial of
service kind of bug (bad network causes sssd to hang causes no
logins and lots of other stuff not working on the machine).
I’ve built a proposed update for stable in stable, and Dominik will
test the precise build on a stable machine. I uploaded the same fix
to unstable, and the next upstream releases will also contain it.
I’m attaching the debdiff.
Please advice how to proceed.
-- System Information:
Debian Release: bullseye/sid
APT prefers unreleased
APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable'), (100, 'experimental')
Architecture: x32 (x86_64)
Foreign Architectures: i386, amd64
Kernel: Linux 5.4.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)
diff -u sssd-1.16.3/debian/changelog sssd-1.16.3/debian/changelog
--- sssd-1.16.3/debian/changelog
+++ sssd-1.16.3/debian/changelog
@@ -1,3 +1,11 @@
+sssd (1.16.3-3.2) buster; urgency=medium
+
+ * Non-maintainer upload with maintainer permission.
+ * Fix sssd_be busy-looping when LDAP connection flickers.
+ (Closes: #946847)
+
+ -- Thorsten Glaser <tg@mirbsd.de> Fri, 21 Feb 2020 14:31:19 +0100
+
sssd (1.16.3-3.1) unstable; urgency=high
* Non-maintainer upload.
diff -u sssd-1.16.3/debian/patches/series sssd-1.16.3/debian/patches/series
--- sssd-1.16.3/debian/patches/series
+++ sssd-1.16.3/debian/patches/series
@@ -3,0 +4 @@
+fix-946847.diff
only in patch2:
unchanged:
--- sssd-1.16.3.orig/debian/patches/fix-946847.diff
+++ sssd-1.16.3/debian/patches/fix-946847.diff
@@ -0,0 +1,36 @@
+Description: fix busy loop caused by watchdog SIGTERM not processed
+Origin: https://pagure.io/SSSD/sssd/c/2c13d8b
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946847
+Bug: https://pagure.io/SSSD/sssd/issue/4132
+Bug: https://pagure.io/SSSD/sssd/issue/4089
+Forwarded: not-needed
+Author: Alexey Tikhonov
+Reviewed-by: Sumit Bose <sbose@redhat.com>
+Reviewed-by: mirabilos <tg@debian.org>
+Applied-Upstream: 2.2.4, commit:2c13d8b
+Applied-Upstream: 1.16.5, commit:0c62066
+
+--- a/src/util/util_watchdog.c
++++ b/src/util/util_watchdog.c
+@@ -54,9 +54,8 @@ static void watchdog_detect_timeshift(vo
+ if (write(watchdog_ctx.pipefd[1], "1", 1) != 1) {
+ if (getpid() == getpgrp()) {
+ kill(-getpgrp(), SIGTERM);
+- } else {
+- _exit(1);
+ }
++ _exit(1);
+ }
+ }
+ }
+@@ -75,9 +74,8 @@ static void watchdog_handler(int sig)
+ if (__sync_add_and_fetch(&watchdog_ctx.ticks, 1) > WATCHDOG_MAX_TICKS) {
+ if (getpid() == getpgrp()) {
+ kill(-getpgrp(), SIGTERM);
+- } else {
+- _exit(1);
+ }
++ _exit(1);
+ }
+ }
+
Reply to: