[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#951769: buster-pu: package sssd/1.16.3-3.1

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

Hi,

we’d like to fix #946847 in buster (which is where we found it in
production and tested a fix locally, which was later discovered to
be identical to a recent upstream fix) because it’s a denial of
service kind of bug (bad network causes sssd to hang causes no
logins and lots of other stuff not working on the machine).

I’ve built a proposed update for stable in stable, and Dominik will
test the precise build on a stable machine. I uploaded the same fix
to unstable, and the next upstream releases will also contain it.

I’m attaching the debdiff.

Please advice how to proceed.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'buildd-unstable'), (500, 'unstable'), (100, 'experimental')
Architecture: x32 (x86_64)
Foreign Architectures: i386, amd64

Kernel: Linux 5.4.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

diff -u sssd-1.16.3/debian/changelog sssd-1.16.3/debian/changelog
--- sssd-1.16.3/debian/changelog
+++ sssd-1.16.3/debian/changelog
@@ -1,3 +1,11 @@
+sssd (1.16.3-3.2) buster; urgency=medium
+
+  * Non-maintainer upload with maintainer permission.
+  * Fix sssd_be busy-looping when LDAP connection flickers.
+    (Closes: #946847)
+
+ -- Thorsten Glaser <tg@mirbsd.de>  Fri, 21 Feb 2020 14:31:19 +0100
+
 sssd (1.16.3-3.1) unstable; urgency=high
 
   * Non-maintainer upload.
diff -u sssd-1.16.3/debian/patches/series sssd-1.16.3/debian/patches/series
--- sssd-1.16.3/debian/patches/series
+++ sssd-1.16.3/debian/patches/series
@@ -3,0 +4 @@
+fix-946847.diff
only in patch2:
unchanged:
--- sssd-1.16.3.orig/debian/patches/fix-946847.diff
+++ sssd-1.16.3/debian/patches/fix-946847.diff
@@ -0,0 +1,36 @@
+Description: fix busy loop caused by watchdog SIGTERM not processed
+Origin: https://pagure.io/SSSD/sssd/c/2c13d8b
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946847
+Bug: https://pagure.io/SSSD/sssd/issue/4132
+Bug: https://pagure.io/SSSD/sssd/issue/4089
+Forwarded: not-needed
+Author: Alexey Tikhonov
+Reviewed-by: Sumit Bose <sbose@redhat.com>
+Reviewed-by: mirabilos <tg@debian.org>
+Applied-Upstream: 2.2.4, commit:2c13d8b
+Applied-Upstream: 1.16.5, commit:0c62066
+
+--- a/src/util/util_watchdog.c
++++ b/src/util/util_watchdog.c
+@@ -54,9 +54,8 @@ static void watchdog_detect_timeshift(vo
+         if (write(watchdog_ctx.pipefd[1], "1", 1) != 1) {
+             if (getpid() == getpgrp()) {
+                 kill(-getpgrp(), SIGTERM);
+-            } else {
+-                _exit(1);
+             }
++            _exit(1);
+         }
+     }
+ }
+@@ -75,9 +74,8 @@ static void watchdog_handler(int sig)
+     if (__sync_add_and_fetch(&watchdog_ctx.ticks, 1) > WATCHDOG_MAX_TICKS) {
+         if (getpid() == getpgrp()) {
+             kill(-getpgrp(), SIGTERM);
+-        } else {
+-            _exit(1);
+         }
++        _exit(1);
+     }
+ }
+
Reply to: