From cea07f72b3c1fbab2601095ef37d61ee9a6e0b2b Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Nov 18 2010 13:45:15 +0000 Subject: - Solve a shutdown race-condition that sometimes left processes running - Resolves: rhbz#606887 - SSSD stops on upgrade --- diff --git a/0003-Ensure-that-SSSD-shuts-down-completely-before-restar.patch b/0003-Ensure-that-SSSD-shuts-down-completely-before-restar.patch new file mode 100644 index 0000000..6bf2b99 --- /dev/null +++ b/0003-Ensure-that-SSSD-shuts-down-completely-before-restar.patch @@ -0,0 +1,34 @@ +From e3751e0a7567ccd7cc335a9c73acd278862ab5d0 Mon Sep 17 00:00:00 2001 +From: Stephen Gallagher +Date: Wed, 17 Nov 2010 08:29:19 -0500 +Subject: [PATCH 3/4] Ensure that SSSD shuts down completely before restarting + +--- + src/sysv/sssd | 9 +++++++++ + 1 files changed, 9 insertions(+), 0 deletions(-) + +diff --git a/src/sysv/sssd b/src/sysv/sssd +index 47804371d0be6b537bc03226f0fd67d03c6ce58e..7339d86deb9792285691032bebb5205f4894a671 100644 +--- a/src/sysv/sssd ++++ b/src/sysv/sssd +@@ -48,8 +48,17 @@ start() { + + stop() { + echo -n $"Stopping $prog: " ++ pid=`cat $PID_FILE` ++ + killproc -p $PID_FILE $SSSD -TERM + RETVAL=$? ++ ++ # Wait until the monitor exits ++ while (checkpid $pid) ++ do ++ usleep 100000 ++ done ++ + echo + [ "$RETVAL" = 0 ] && rm -f $LOCK_FILE + return $RETVAL +-- +1.7.3.2 + diff --git a/0004-Wait-for-all-children-to-exit.patch b/0004-Wait-for-all-children-to-exit.patch new file mode 100644 index 0000000..876b713 --- /dev/null +++ b/0004-Wait-for-all-children-to-exit.patch @@ -0,0 +1,96 @@ +From 1f1d7ead30d566a47cdcc2d8fe2618817851e1e1 Mon Sep 17 00:00:00 2001 +From: Stephen Gallagher +Date: Thu, 11 Nov 2010 09:04:22 -0500 +Subject: [PATCH 4/4] Wait for all children to exit + +Previously, there was a race-condition where the monitor might +terminate before its children. +--- + src/monitor/monitor.c | 63 +++++++++++++++++++++++++++++++++++++++++++++++- + 1 files changed, 61 insertions(+), 2 deletions(-) + +diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c +index 6479f7a9fd5877e7b5baaaee4f3f92001506d730..98b671b2970b2a55c34e72a81bfc6e90c36bd820 100644 +--- a/src/monitor/monitor.c ++++ b/src/monitor/monitor.c +@@ -1171,16 +1171,75 @@ static void monitor_quit(struct tevent_context *ev, + void *siginfo, + void *private_data) + { ++ struct mt_ctx *mt_ctx = talloc_get_type(private_data, struct mt_ctx); ++ struct mt_svc *svc; ++ pid_t pid; ++ int status; ++ errno_t error; ++ + DEBUG(8, ("Received shutdown command\n")); +- monitor_cleanup(); ++ ++ DEBUG(0, ("Monitor received %s: terminating children\n", ++ strsignal(signum))); ++ ++ /* Kill all of our known children manually */ ++ DLIST_FOR_EACH(svc, mt_ctx->svc_list) { ++ if (svc->pid == 0) { ++ /* The local provider has no PID */ ++ continue; ++ } ++ ++ DEBUG(1, ("Terminating [%s]\n", svc->name)); ++ kill(svc->pid, SIGTERM); ++ ++ do { ++ errno = 0; ++ pid = waitpid(svc->pid, &status, 0); ++ if (pid == -1) { ++ /* An error occurred while waiting */ ++ error = errno; ++ if (error != EINTR) { ++ DEBUG(0, ("[%d][%s] while waiting for [%s]\n", ++ error, strerror(error), svc->name)); ++ /* Forcibly kill this child */ ++ kill(svc->pid, SIGKILL); ++ break; ++ } ++ } else { ++ error = 0; ++ if WIFEXITED(status) { ++ DEBUG(1, ("Child [%s] exited gracefully\n", svc->name)); ++ } else if WIFSIGNALED(status) { ++ DEBUG(1, ("Child [%s] terminated with a signal\n", svc->name)); ++ } else { ++ DEBUG(0, ("Child [%s] did not exit cleanly\n", svc->name)); ++ /* Forcibly kill this child */ ++ kill(svc->pid, SIGKILL); ++ } ++ } ++ } while (error == EINTR); ++ } + + #if HAVE_GETPGRP ++ /* Kill any remaining children in our process group, just in case ++ * we have any leftover children we don't expect. For example, if ++ * a krb5_child or ldap_child is running at the same moment. ++ */ ++ error = 0; + if (getpgrp() == getpid()) { +- DEBUG(0,("%s: killing children\n", strsignal(signum))); + kill(-getpgrp(), SIGTERM); ++ do { ++ errno = 0; ++ pid = waitpid(0, &status, 0); ++ if (pid == -1) { ++ error = errno; ++ } ++ } while (error == EINTR || pid > 0); + } + #endif + ++ monitor_cleanup(); ++ + exit(0); + } + +-- +1.7.3.2 + diff --git a/sssd.spec b/sssd.spec index c1b757c..aafa0ff 100644 --- a/sssd.spec +++ b/sssd.spec @@ -5,7 +5,7 @@ Name: sssd Version: 1.4.1 -Release: 2%{?dist} +Release: 3%{?dist} Group: Applications/System Summary: System Security Services Daemon License: GPLv3+ @@ -17,6 +17,8 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) Patch0001: 0001-Log-startup-errors-to-syslog.patch Patch0002: 0002-Properly-document-ldap_purge_cache_timeout.patch +Patch0003: 0003-Ensure-that-SSSD-shuts-down-completely-before-restar.patch +Patch0004: 0004-Wait-for-all-children-to-exit.patch ### Dependencies ### @@ -98,6 +100,8 @@ service. %patch0001 -p1 %patch0002 -p1 +%patch0003 -p1 +%patch0004 -p1 %build %configure \ @@ -239,6 +243,10 @@ fi %postun client -p /sbin/ldconfig %changelog +* Thu Nov 18 2010 Stephen Gallagher - 1.4.1-3 +- Solve a shutdown race-condition that sometimes left processes running +- Resolves: rhbz#606887 - SSSD stops on upgrade + * Tue Nov 16 2010 Stephen Gallagher - 1.4.1-2 - Log startup errors to the syslog - Allow cache cleanup to be disabled in sssd.conf