import 389-ds-base-2.2.4-5.el9_2

c9 imports/c9/389-ds-base-2.2.4-5.el9_2
MSVSphere Packaging Team 1 year ago
parent 4a5ed26526
commit e25d6ceeed

@ -1,2 +1,2 @@
e7345ce7d65766dc8d8a779d2661ec76a3913b63 SOURCES/389-ds-base-2.2.4.tar.bz2 abfa28fe644157d06d78f0b2c573d5720d6198b0 SOURCES/389-ds-base-2.2.4.tar.bz2
1c8f2d0dfbf39fa8cd86363bf3314351ab21f8d4 SOURCES/jemalloc-5.3.0.tar.bz2 1c8f2d0dfbf39fa8cd86363bf3314351ab21f8d4 SOURCES/jemalloc-5.3.0.tar.bz2

@ -1,294 +0,0 @@
From 8b89bf22dea16956e4a21174f28ec11f32fc2db4 Mon Sep 17 00:00:00 2001
From: tbordaz <tbordaz@redhat.com>
Date: Mon, 21 Nov 2022 11:41:15 +0100
Subject: [PATCH 1/3] Issue 3729 - (cont) RFE Extend log of operations
statistics in access log (#5538)
Bug description:
This is a continuation of the #3729
The previous fix did not manage internal SRCH, so
statistics of internal SRCH were not logged
Fix description:
For internal operation log_op_stat uses
connid/op_id/op_internal_id/op_nested_count that have been
computed log_result
For direct operation log_op_stat uses info from the
operation itself (o_connid and o_opid)
log_op_stat relies on operation_type rather than
o_tag that is not available for internal operation
relates: #3729
Reviewed by: Pierre Rogier
---
.../tests/suites/ds_logs/ds_logs_test.py | 90 ++++++++++++++++++-
ldap/servers/slapd/proto-slap.h | 2 +-
ldap/servers/slapd/result.c | 74 +++++++++------
3 files changed, 136 insertions(+), 30 deletions(-)
diff --git a/dirsrvtests/tests/suites/ds_logs/ds_logs_test.py b/dirsrvtests/tests/suites/ds_logs/ds_logs_test.py
index 865a6d0a3..67605438b 100644
--- a/dirsrvtests/tests/suites/ds_logs/ds_logs_test.py
+++ b/dirsrvtests/tests/suites/ds_logs/ds_logs_test.py
@@ -13,7 +13,7 @@ import pytest
import subprocess
from lib389._mapped_object import DSLdapObject
from lib389.topologies import topology_st
-from lib389.plugins import AutoMembershipPlugin, ReferentialIntegrityPlugin, AutoMembershipDefinitions
+from lib389.plugins import AutoMembershipPlugin, ReferentialIntegrityPlugin, AutoMembershipDefinitions, MemberOfPlugin
from lib389.idm.user import UserAccounts
from lib389.idm.group import Groups
from lib389.idm.organizationalunit import OrganizationalUnits
@@ -1254,6 +1254,94 @@ def test_stat_index(topology_st, request):
request.addfinalizer(fin)
+def test_stat_internal_op(topology_st, request):
+ """Check that statistics can also be collected for internal operations
+
+ :id: 19f393bd-5866-425a-af7a-4dade06d5c77
+ :setup: Standalone Instance
+ :steps:
+ 1. Check that nsslapd-statlog-level is 0 (default)
+ 2. Enable memberof plugins
+ 3. Create a user
+ 4. Remove access log (to only detect new records)
+ 5. Enable statistic logging nsslapd-statlog-level=1
+ 6. Check that on direct SRCH there is no 'Internal' Stat records
+ 7. Remove access log (to only detect new records)
+ 8. Add group with the user, so memberof triggers internal search
+ and check it exists 'Internal' Stat records
+ :expectedresults:
+ 1. Success
+ 2. Success
+ 3. Success
+ 4. Success
+ 5. Success
+ 6. Success
+ 7. Success
+ 8. Success
+ """
+
+ inst = topology_st.standalone
+
+ # Step 1
+ log.info("Assert nsslapd-statlog-level is by default 0")
+ assert topology_st.standalone.config.get_attr_val_int("nsslapd-statlog-level") == 0
+
+ # Step 2
+ memberof = MemberOfPlugin(inst)
+ memberof.enable()
+ inst.restart()
+
+ # Step 3 Add setup entries
+ users = UserAccounts(inst, DEFAULT_SUFFIX, rdn=None)
+ user = users.create(properties={'uid': 'test_1',
+ 'cn': 'test_1',
+ 'sn': 'test_1',
+ 'description': 'member',
+ 'uidNumber': '1000',
+ 'gidNumber': '2000',
+ 'homeDirectory': '/home/testuser'})
+ # Step 4 reset accesslog
+ topology_st.standalone.stop()
+ lpath = topology_st.standalone.ds_access_log._get_log_path()
+ os.unlink(lpath)
+ topology_st.standalone.start()
+
+ # Step 5 enable statistics
+ log.info("Set nsslapd-statlog-level: 1 to enable indexing statistics")
+ topology_st.standalone.config.set("nsslapd-statlog-level", "1")
+
+ # Step 6 for direct SRCH only non internal STAT records
+ entries = topology_st.standalone.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, "uid=test_1")
+ topology_st.standalone.stop()
+ assert topology_st.standalone.ds_access_log.match('.*STAT read index.*')
+ assert topology_st.standalone.ds_access_log.match('.*STAT read index: attribute.*')
+ assert topology_st.standalone.ds_access_log.match('.*STAT read index: duration.*')
+ assert not topology_st.standalone.ds_access_log.match('.*Internal.*STAT.*')
+ topology_st.standalone.start()
+
+ # Step 7 reset accesslog
+ topology_st.standalone.stop()
+ lpath = topology_st.standalone.ds_access_log._get_log_path()
+ os.unlink(lpath)
+ topology_st.standalone.start()
+
+ # Step 8 trigger internal searches and check internal stat records
+ groups = Groups(inst, DEFAULT_SUFFIX, rdn=None)
+ group = groups.create(properties={'cn': 'mygroup',
+ 'member': 'uid=test_1,%s' % DEFAULT_SUFFIX,
+ 'description': 'group'})
+ topology_st.standalone.restart()
+ assert topology_st.standalone.ds_access_log.match('.*Internal.*STAT read index.*')
+ assert topology_st.standalone.ds_access_log.match('.*Internal.*STAT read index: attribute.*')
+ assert topology_st.standalone.ds_access_log.match('.*Internal.*STAT read index: duration.*')
+
+ def fin():
+ log.info('Deleting user/group')
+ user.delete()
+ group.delete()
+
+ request.addfinalizer(fin)
+
if __name__ == '__main__':
# Run isolated
# -s for DEBUG mode
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 77832797b..c63ad8e74 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -515,7 +515,7 @@ long long config_get_pw_minage(void);
long long config_get_pw_warning(void);
int config_get_errorlog_level(void);
int config_get_accesslog_level(void);
-int config_get_statlog_level();
+int config_get_statlog_level(void);
int config_get_securitylog_level(void);
int config_get_auditlog_logging_enabled(void);
int config_get_auditfaillog_logging_enabled(void);
diff --git a/ldap/servers/slapd/result.c b/ldap/servers/slapd/result.c
index c8b363cce..2ba205e04 100644
--- a/ldap/servers/slapd/result.c
+++ b/ldap/servers/slapd/result.c
@@ -33,7 +33,7 @@ static long current_conn_count;
static PRLock *current_conn_count_mutex;
static int flush_ber(Slapi_PBlock *pb, Connection *conn, Operation *op, BerElement *ber, int type);
static char *notes2str(unsigned int notes, char *buf, size_t buflen);
-static void log_op_stat(Slapi_PBlock *pb);
+static void log_op_stat(Slapi_PBlock *pb, uint64_t connid, int32_t op_id, int32_t op_internal_id, int32_t op_nested_count);
static void log_result(Slapi_PBlock *pb, Operation *op, int err, ber_tag_t tag, int nentries);
static void log_entry(Operation *op, Slapi_Entry *e);
static void log_referral(Operation *op);
@@ -2000,65 +2000,82 @@ notes2str(unsigned int notes, char *buf, size_t buflen)
return (buf);
}
+#define STAT_LOG_CONN_OP_FMT_INT_INT "conn=Internal(%" PRIu64 ") op=%d(%d)(%d)"
+#define STAT_LOG_CONN_OP_FMT_EXT_INT "conn=%" PRIu64 " (Internal) op=%d(%d)(%d)"
static void
-log_op_stat(Slapi_PBlock *pb)
+log_op_stat(Slapi_PBlock *pb, uint64_t connid, int32_t op_id, int32_t op_internal_id, int32_t op_nested_count)
{
-
- Connection *conn = NULL;
Operation *op = NULL;
Op_stat *op_stat;
struct timespec duration;
char stat_etime[ETIME_BUFSIZ] = {0};
+ int internal_op;
if (config_get_statlog_level() == 0) {
return;
}
- slapi_pblock_get(pb, SLAPI_CONNECTION, &conn);
slapi_pblock_get(pb, SLAPI_OPERATION, &op);
+ internal_op = operation_is_flag_set(op, OP_FLAG_INTERNAL);
op_stat = op_stat_get_operation_extension(pb);
- if (conn == NULL || op == NULL || op_stat == NULL) {
+ if (op == NULL || op_stat == NULL) {
return;
}
/* process the operation */
- switch (op->o_tag) {
- case LDAP_REQ_BIND:
- case LDAP_REQ_UNBIND:
- case LDAP_REQ_ADD:
- case LDAP_REQ_DELETE:
- case LDAP_REQ_MODRDN:
- case LDAP_REQ_MODIFY:
- case LDAP_REQ_COMPARE:
+ switch (operation_get_type(op)) {
+ case SLAPI_OPERATION_BIND:
+ case SLAPI_OPERATION_UNBIND:
+ case SLAPI_OPERATION_ADD:
+ case SLAPI_OPERATION_DELETE:
+ case SLAPI_OPERATION_MODRDN:
+ case SLAPI_OPERATION_MODIFY:
+ case SLAPI_OPERATION_COMPARE:
+ case SLAPI_OPERATION_EXTENDED:
break;
- case LDAP_REQ_SEARCH:
+ case SLAPI_OPERATION_SEARCH:
if ((LDAP_STAT_READ_INDEX & config_get_statlog_level()) &&
op_stat->search_stat) {
struct component_keys_lookup *key_info;
for (key_info = op_stat->search_stat->keys_lookup; key_info; key_info = key_info->next) {
- slapi_log_stat(LDAP_STAT_READ_INDEX,
- "conn=%" PRIu64 " op=%d STAT read index: attribute=%s key(%s)=%s --> count %d\n",
- op->o_connid, op->o_opid,
- key_info->attribute_type, key_info->index_type, key_info->key,
- key_info->id_lookup_cnt);
+ if (internal_op) {
+ slapi_log_stat(LDAP_STAT_READ_INDEX,
+ connid == 0 ? STAT_LOG_CONN_OP_FMT_INT_INT "STAT read index: attribute=%s key(%s)=%s --> count %d\n":
+ STAT_LOG_CONN_OP_FMT_EXT_INT "STAT read index: attribute=%s key(%s)=%s --> count %d\n",
+ connid, op_id, op_internal_id, op_nested_count,
+ key_info->attribute_type, key_info->index_type, key_info->key,
+ key_info->id_lookup_cnt);
+ } else {
+ slapi_log_stat(LDAP_STAT_READ_INDEX,
+ "conn=%" PRIu64 " op=%d STAT read index: attribute=%s key(%s)=%s --> count %d\n",
+ connid, op_id,
+ key_info->attribute_type, key_info->index_type, key_info->key,
+ key_info->id_lookup_cnt);
+ }
}
/* total elapsed time */
slapi_timespec_diff(&op_stat->search_stat->keys_lookup_end, &op_stat->search_stat->keys_lookup_start, &duration);
snprintf(stat_etime, ETIME_BUFSIZ, "%" PRId64 ".%.09" PRId64 "", (int64_t)duration.tv_sec, (int64_t)duration.tv_nsec);
- slapi_log_stat(LDAP_STAT_READ_INDEX,
- "conn=%" PRIu64 " op=%d STAT read index: duration %s\n",
- op->o_connid, op->o_opid, stat_etime);
+ if (internal_op) {
+ slapi_log_stat(LDAP_STAT_READ_INDEX,
+ connid == 0 ? STAT_LOG_CONN_OP_FMT_INT_INT "STAT read index: duration %s\n":
+ STAT_LOG_CONN_OP_FMT_EXT_INT "STAT read index: duration %s\n",
+ connid, op_id, op_internal_id, op_nested_count, stat_etime);
+ } else {
+ slapi_log_stat(LDAP_STAT_READ_INDEX,
+ "conn=%" PRIu64 " op=%d STAT read index: duration %s\n",
+ op->o_connid, op->o_opid, stat_etime);
+ }
}
break;
- case LDAP_REQ_ABANDON_30:
- case LDAP_REQ_ABANDON:
+ case SLAPI_OPERATION_ABANDON:
break;
default:
slapi_log_err(SLAPI_LOG_ERR,
- "log_op_stat", "Ignoring unknown LDAP request (conn=%" PRIu64 ", tag=0x%lx)\n",
- conn->c_connid, op->o_tag);
+ "log_op_stat", "Ignoring unknown LDAP request (conn=%" PRIu64 ", op_type=0x%lx)\n",
+ connid, operation_get_type(op));
break;
}
}
@@ -2218,7 +2235,7 @@ log_result(Slapi_PBlock *pb, Operation *op, int err, ber_tag_t tag, int nentries
} else {
ext_str = "";
}
- log_op_stat(pb);
+ log_op_stat(pb, op->o_connid, op->o_opid, 0, 0);
slapi_log_access(LDAP_DEBUG_STATS,
"conn=%" PRIu64 " op=%d RESULT err=%d"
" tag=%" BERTAG_T " nentries=%d wtime=%s optime=%s etime=%s%s%s%s\n",
@@ -2233,6 +2250,7 @@ log_result(Slapi_PBlock *pb, Operation *op, int err, ber_tag_t tag, int nentries
}
} else {
int optype;
+ log_op_stat(pb, connid, op_id, op_internal_id, op_nested_count);
#define LOG_MSG_FMT " tag=%" BERTAG_T " nentries=%d wtime=%s optime=%s etime=%s%s%s\n"
slapi_log_access(LDAP_DEBUG_ARGS,
connid == 0 ? LOG_CONN_OP_FMT_INT_INT LOG_MSG_FMT :
--
2.38.1

@ -0,0 +1,84 @@
diff --git a/src/librnsslapd/Cargo.toml b/src/librnsslapd/Cargo.toml
index c18ab7fc8..11bb9afe7 100644
--- a/src/librnsslapd/Cargo.toml
+++ b/src/librnsslapd/Cargo.toml
@@ -2,7 +2,6 @@
name = "librnsslapd"
version = "0.1.0"
authors = ["William Brown <william@blackhats.net.au>"]
-rust-version = "1.70"
edition = "2018"
build = "build.rs"
diff --git a/src/librslapd/Cargo.toml b/src/librslapd/Cargo.toml
index fb445c251..15c00a47b 100644
--- a/src/librslapd/Cargo.toml
+++ b/src/librslapd/Cargo.toml
@@ -2,7 +2,6 @@
name = "librslapd"
version = "0.1.0"
authors = ["William Brown <william@blackhats.net.au>"]
-rust-version = "1.70"
edition = "2018"
build = "build.rs"
diff --git a/src/plugins/entryuuid/Cargo.toml b/src/plugins/entryuuid/Cargo.toml
index f0d8e9f2a..c43d7a771 100644
--- a/src/plugins/entryuuid/Cargo.toml
+++ b/src/plugins/entryuuid/Cargo.toml
@@ -2,7 +2,6 @@
name = "entryuuid"
version = "0.1.0"
authors = ["William Brown <william@blackhats.net.au>"]
-rust-version = "1.70"
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/src/plugins/entryuuid_syntax/Cargo.toml b/src/plugins/entryuuid_syntax/Cargo.toml
index d80b59bf1..f7d3d64c9 100644
--- a/src/plugins/entryuuid_syntax/Cargo.toml
+++ b/src/plugins/entryuuid_syntax/Cargo.toml
@@ -2,7 +2,6 @@
name = "entryuuid_syntax"
version = "0.1.0"
authors = ["William Brown <william@blackhats.net.au>"]
-rust-version = "1.70"
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/src/plugins/pwdchan/Cargo.toml b/src/plugins/pwdchan/Cargo.toml
index 3cda69f22..40d8a54aa 100644
--- a/src/plugins/pwdchan/Cargo.toml
+++ b/src/plugins/pwdchan/Cargo.toml
@@ -2,7 +2,6 @@
name = "pwdchan"
version = "0.1.0"
authors = ["William Brown <william@blackhats.net.au>"]
-rust-version = "1.70"
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/src/slapd/Cargo.toml b/src/slapd/Cargo.toml
index 39b6fdd1d..a18cb7626 100644
--- a/src/slapd/Cargo.toml
+++ b/src/slapd/Cargo.toml
@@ -2,7 +2,6 @@
name = "slapd"
version = "0.1.0"
authors = ["William Brown <william@blackhats.net.au>"]
-rust-version = "1.70"
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/src/slapi_r_plugin/Cargo.toml b/src/slapi_r_plugin/Cargo.toml
index 024bd464a..9d197ec85 100644
--- a/src/slapi_r_plugin/Cargo.toml
+++ b/src/slapi_r_plugin/Cargo.toml
@@ -2,7 +2,6 @@
name = "slapi_r_plugin"
version = "0.1.0"
authors = ["William Brown <william@blackhats.net.au>"]
-rust-version = "1.70"
edition = "2018"
build = "build.rs"

@ -1,30 +0,0 @@
From 3bc889b6564b70c5113f74e8add1a47b38fce04b Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Mon, 28 Nov 2022 09:47:09 -0500
Subject: [PATCH 2/3] Issue 5544 - Increase default task TTL
Description: Increase the Time To Live of tasks from 1 hour to 12 hours
relates: https://github.com/389ds/389-ds-base/issues/5544
Reviewed by: progier(Thanks!)
---
ldap/servers/slapd/task.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap/servers/slapd/task.c b/ldap/servers/slapd/task.c
index c0e3dd7c4..1dc4f6b28 100644
--- a/ldap/servers/slapd/task.c
+++ b/ldap/servers/slapd/task.c
@@ -48,7 +48,7 @@ static uint64_t shutting_down = 0;
#define TASK_DATE_NAME "nsTaskCreated"
#define TASK_WARNING_NAME "nsTaskWarning"
-#define DEFAULT_TTL "3600" /* seconds */
+#define DEFAULT_TTL "43200" /* 12 hours in seconds */
#define TASK_SYSCONFIG_FILE_ATTR "sysconfigfile" /* sysconfig reload task file attr */
#define TASK_SYSCONFIG_LOGCHANGES_ATTR "logchanges"
#define TASK_TOMBSTONE_FIXUP "fixup tombstones task"
--
2.38.1

@ -1,219 +0,0 @@
From 99dbba52eb45628c7f290e9ed3aeabb2a2a67db4 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Tue, 13 Dec 2022 09:41:34 -0500
Subject: [PATCH] Issue 5413 - Allow mutliple MemberOf fixup tasks with
different bases/filters
Description:
A change was made to only allow a single fixup task at a time, but there are
cases where you would want to run mutliple tasks but on different branches/filters.
Now we maintain a linked list of bases/filters of the current running tasks to
monitor this.
relates: https://github.com/389ds/389-ds-base/issues/5413
Reviewed by: tbordaz(Thanks!)
---
.../suites/memberof_plugin/fixup_test.py | 5 +-
ldap/servers/plugins/memberof/memberof.c | 101 ++++++++++++++----
2 files changed, 85 insertions(+), 21 deletions(-)
diff --git a/dirsrvtests/tests/suites/memberof_plugin/fixup_test.py b/dirsrvtests/tests/suites/memberof_plugin/fixup_test.py
index 9566e144c..d5369439f 100644
--- a/dirsrvtests/tests/suites/memberof_plugin/fixup_test.py
+++ b/dirsrvtests/tests/suites/memberof_plugin/fixup_test.py
@@ -59,12 +59,15 @@ def test_fixup_task_limit(topo):
with pytest.raises(ldap.UNWILLING_TO_PERFORM):
memberof.fixup(DEFAULT_SUFFIX)
+ # Add second task but on different suffix which should be allowed
+ memberof.fixup("ou=people," + DEFAULT_SUFFIX)
+
# Wait for first task to complete
task.wait()
# Add new task which should be allowed now
memberof.fixup(DEFAULT_SUFFIX)
-
+
if __name__ == '__main__':
# Run isolated
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index 0b8cfe95c..a14617044 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -52,7 +52,6 @@ static Slapi_DN* _pluginDN = NULL;
MemberOfConfig *qsortConfig = 0;
static int usetxn = 0;
static int premodfn = 0;
-static PRBool fixup_running = PR_FALSE;
static PRLock *fixup_lock = NULL;
static int32_t fixup_progress_count = 0;
static int64_t fixup_progress_elapsed = 0;
@@ -65,6 +64,15 @@ typedef struct _memberofstringll
void *next;
} memberofstringll;
+typedef struct _fixup_ll
+{
+ Slapi_DN *sdn;
+ char *filter_str;
+ void *next;
+} mo_fixup_ll;
+
+static mo_fixup_ll *fixup_list = NULL;
+
typedef struct _memberof_get_groups_data
{
MemberOfConfig *config;
@@ -438,6 +446,15 @@ memberof_postop_close(Slapi_PBlock *pb __attribute__((unused)))
PR_DestroyLock(fixup_lock);
fixup_lock = NULL;
+ mo_fixup_ll *fixup_task = fixup_list;
+ while (fixup_task != NULL) {
+ mo_fixup_ll *tmp = fixup_task;
+ fixup_task = fixup_task->next;
+ slapi_sdn_free(&tmp->sdn);
+ slapi_ch_free_string(&tmp->filter_str);
+ slapi_ch_free((void**)&tmp);
+ }
+
slapi_log_err(SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
"<-- memberof_postop_close\n");
return 0;
@@ -2817,7 +2834,6 @@ memberof_fixup_task_thread(void *arg)
}
PR_Lock(fixup_lock);
- fixup_running = PR_TRUE;
fixup_progress_count = 0;
fixup_progress_elapsed = slapi_current_rel_time_t();
fixup_start_time = slapi_current_rel_time_t();
@@ -2849,11 +2865,10 @@ memberof_fixup_task_thread(void *arg)
/* Mark this as a task operation */
configCopy.fixup_task = 1;
configCopy.task = task;
-
+ Slapi_DN *sdn = slapi_sdn_new_dn_byref(td->dn);
if (usetxn) {
- Slapi_DN *sdn = slapi_sdn_new_dn_byref(td->dn);
Slapi_Backend *be = slapi_be_select_exact(sdn);
- slapi_sdn_free(&sdn);
+
if (be) {
fixup_pb = slapi_pblock_new();
slapi_pblock_set(fixup_pb, SLAPI_BACKEND, be);
@@ -2894,14 +2909,37 @@ done:
fixup_progress_count, slapi_current_rel_time_t() - fixup_start_time);
slapi_task_inc_progress(task);
+ /* Cleanup task linked list */
+ PR_Lock(fixup_lock);
+ mo_fixup_ll *prev = NULL;
+ for (mo_fixup_ll *curr = fixup_list; curr; curr = curr->next) {
+ mo_fixup_ll *next = curr->next;
+ if (slapi_sdn_compare(curr->sdn, sdn) == 0 &&
+ strcasecmp(curr->filter_str, td->filter_str) == 0)
+ {
+ /* free current code */
+ slapi_sdn_free(&curr->sdn);
+ slapi_ch_free_string(&curr->filter_str);
+ slapi_ch_free((void**)&curr);
+
+ /* update linked list */
+ if (prev == NULL) {
+ /* first node */
+ fixup_list = next;
+ } else {
+ prev->next = next;
+ }
+ break;
+ }
+ prev = curr;
+ }
+ PR_Unlock(fixup_lock);
+ slapi_sdn_free(&sdn);
+
/* this will queue the destruction of the task */
slapi_task_finish(task, rc);
slapi_task_dec_refcount(task);
- PR_Lock(fixup_lock);
- fixup_running = PR_FALSE;
- PR_Unlock(fixup_lock);
-
slapi_log_err(SLAPI_LOG_INFO, MEMBEROF_PLUGIN_SUBSYSTEM,
"memberof_fixup_task_thread - Memberof task finished (processed %d entries in %ld seconds)\n",
fixup_progress_count, slapi_current_rel_time_t() - fixup_start_time);
@@ -2919,23 +2957,13 @@ memberof_task_add(Slapi_PBlock *pb,
int rv = SLAPI_DSE_CALLBACK_OK;
task_data *mytaskdata = NULL;
Slapi_Task *task = NULL;
+ Slapi_DN *sdn = NULL;
char *bind_dn;
const char *filter;
const char *dn = 0;
*returncode = LDAP_SUCCESS;
- PR_Lock(fixup_lock);
- if (fixup_running) {
- PR_Unlock(fixup_lock);
- *returncode = LDAP_UNWILLING_TO_PERFORM;
- slapi_log_err(SLAPI_LOG_ERR, MEMBEROF_PLUGIN_SUBSYSTEM,
- "memberof_task_add - there is already a fixup task running\n");
- rv = SLAPI_DSE_CALLBACK_ERROR;
- goto out;
- }
- PR_Unlock(fixup_lock);
-
/* get arg(s) */
if ((dn = slapi_entry_attr_get_ref(e, "basedn")) == NULL) {
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
@@ -2949,6 +2977,39 @@ memberof_task_add(Slapi_PBlock *pb,
goto out;
}
+ PR_Lock(fixup_lock);
+ sdn = slapi_sdn_new_dn_byval(dn);
+ if (fixup_list == NULL) {
+ fixup_list = (mo_fixup_ll *)slapi_ch_calloc(1, sizeof(mo_fixup_ll));
+ fixup_list->sdn = sdn;
+ fixup_list->filter_str = slapi_ch_strdup(filter);
+ } else {
+ for (mo_fixup_ll *fixup_task = fixup_list; fixup_task; fixup_task = fixup_task->next) {
+ if (slapi_sdn_compare(sdn, fixup_task->sdn) == 0 &&
+ strcasecmp(filter, fixup_task->filter_str) == 0)
+ {
+ /* Found an identical running task, reject it */
+ PR_Unlock(fixup_lock);
+ slapi_log_err(SLAPI_LOG_ERR, MEMBEROF_PLUGIN_SUBSYSTEM,
+ "memberof_task_add - there is already an identical fixup task running: base: %s filter: %s\n",
+ slapi_sdn_get_dn(sdn), filter);
+ slapi_sdn_free(&sdn);
+ *returncode = LDAP_UNWILLING_TO_PERFORM;
+ rv = SLAPI_DSE_CALLBACK_ERROR;
+ goto out;
+ }
+ }
+ /* Add the new task DN to the top of the list */
+ mo_fixup_ll *head = fixup_list;
+ mo_fixup_ll *new_task = (mo_fixup_ll *)slapi_ch_calloc(1, sizeof(mo_fixup_ll));
+ new_task->sdn = sdn;
+ new_task->filter_str = slapi_ch_strdup(filter);
+ new_task->next = head;
+ fixup_list = new_task;
+ }
+ PR_Unlock(fixup_lock);
+
+
/* setup our task data */
slapi_pblock_get(pb, SLAPI_REQUESTOR_DN, &bind_dn);
mytaskdata = (task_data *)slapi_ch_malloc(sizeof(task_data));
--
2.38.1

@ -0,0 +1,3 @@
#Type Name ID GECOS Home directory Shell
g dirsrv 389
u dirsrv 389:389 "user for 389-ds-base" /usr/share/dirsrv/ /sbin/nologin

@ -47,7 +47,7 @@ ExcludeArch: i686
Summary: 389 Directory Server (base) Summary: 389 Directory Server (base)
Name: 389-ds-base Name: 389-ds-base
Version: 2.2.4 Version: 2.2.4
Release: 3%{?dist} Release: 5%{?dist}
License: GPLv3+ and (ASL 2.0 or MIT) License: GPLv3+ and (ASL 2.0 or MIT)
URL: https://www.port389.org URL: https://www.port389.org
Conflicts: selinux-policy-base < 3.9.8 Conflicts: selinux-policy-base < 3.9.8
@ -58,82 +58,94 @@ Obsoletes: %{name}-legacy-tools-debuginfo < 1.4.4.6
Provides: ldif2ldbm >= 0 Provides: ldif2ldbm >= 0
##### Bundled cargo crates list - START ##### ##### Bundled cargo crates list - START #####
Provides: bundled(crate(addr2line)) = 0.20.0
Provides: bundled(crate(adler)) = 1.0.2
Provides: bundled(crate(ahash)) = 0.7.6 Provides: bundled(crate(ahash)) = 0.7.6
Provides: bundled(crate(ansi_term)) = 0.12.1 Provides: bundled(crate(ansi_term)) = 0.12.1
Provides: bundled(crate(atty)) = 0.2.14 Provides: bundled(crate(atty)) = 0.2.14
Provides: bundled(crate(autocfg)) = 1.1.0 Provides: bundled(crate(autocfg)) = 1.1.0
Provides: bundled(crate(base64)) = 0.13.0 Provides: bundled(crate(backtrace)) = 0.3.68
Provides: bundled(crate(base64)) = 0.13.1
Provides: bundled(crate(bitflags)) = 1.3.2 Provides: bundled(crate(bitflags)) = 1.3.2
Provides: bundled(crate(bitflags)) = 2.4.0
Provides: bundled(crate(byteorder)) = 1.4.3 Provides: bundled(crate(byteorder)) = 1.4.3
Provides: bundled(crate(cbindgen)) = 0.9.1 Provides: bundled(crate(cbindgen)) = 0.9.1
Provides: bundled(crate(cc)) = 1.0.73 Provides: bundled(crate(cc)) = 1.0.82
Provides: bundled(crate(cfg-if)) = 1.0.0 Provides: bundled(crate(cfg-if)) = 1.0.0
Provides: bundled(crate(clap)) = 2.34.0 Provides: bundled(crate(clap)) = 2.34.0
Provides: bundled(crate(concread)) = 0.2.21 Provides: bundled(crate(concread)) = 0.2.21
Provides: bundled(crate(crossbeam)) = 0.8.2 Provides: bundled(crate(crossbeam)) = 0.8.2
Provides: bundled(crate(crossbeam-channel)) = 0.5.6 Provides: bundled(crate(crossbeam-channel)) = 0.5.8
Provides: bundled(crate(crossbeam-deque)) = 0.8.2 Provides: bundled(crate(crossbeam-deque)) = 0.8.3
Provides: bundled(crate(crossbeam-epoch)) = 0.9.10 Provides: bundled(crate(crossbeam-epoch)) = 0.9.15
Provides: bundled(crate(crossbeam-queue)) = 0.3.6 Provides: bundled(crate(crossbeam-queue)) = 0.3.8
Provides: bundled(crate(crossbeam-utils)) = 0.8.11 Provides: bundled(crate(crossbeam-utils)) = 0.8.16
Provides: bundled(crate(entryuuid)) = 0.1.0 Provides: bundled(crate(entryuuid)) = 0.1.0
Provides: bundled(crate(entryuuid_syntax)) = 0.1.0 Provides: bundled(crate(entryuuid_syntax)) = 0.1.0
Provides: bundled(crate(fastrand)) = 1.8.0 Provides: bundled(crate(errno)) = 0.3.2
Provides: bundled(crate(errno-dragonfly)) = 0.1.2
Provides: bundled(crate(fastrand)) = 2.0.0
Provides: bundled(crate(fernet)) = 0.1.4 Provides: bundled(crate(fernet)) = 0.1.4
Provides: bundled(crate(foreign-types)) = 0.3.2 Provides: bundled(crate(foreign-types)) = 0.3.2
Provides: bundled(crate(foreign-types-shared)) = 0.1.1 Provides: bundled(crate(foreign-types-shared)) = 0.1.1
Provides: bundled(crate(getrandom)) = 0.2.7 Provides: bundled(crate(getrandom)) = 0.2.10
Provides: bundled(crate(gimli)) = 0.27.3
Provides: bundled(crate(hashbrown)) = 0.12.3 Provides: bundled(crate(hashbrown)) = 0.12.3
Provides: bundled(crate(hermit-abi)) = 0.1.19 Provides: bundled(crate(hermit-abi)) = 0.1.19
Provides: bundled(crate(instant)) = 0.1.12 Provides: bundled(crate(instant)) = 0.1.12
Provides: bundled(crate(itoa)) = 1.0.3 Provides: bundled(crate(itoa)) = 1.0.9
Provides: bundled(crate(jobserver)) = 0.1.24 Provides: bundled(crate(jobserver)) = 0.1.26
Provides: bundled(crate(libc)) = 0.2.132 Provides: bundled(crate(libc)) = 0.2.147
Provides: bundled(crate(librnsslapd)) = 0.1.0 Provides: bundled(crate(librnsslapd)) = 0.1.0
Provides: bundled(crate(librslapd)) = 0.1.0 Provides: bundled(crate(librslapd)) = 0.1.0
Provides: bundled(crate(lock_api)) = 0.4.7 Provides: bundled(crate(linux-raw-sys)) = 0.4.5
Provides: bundled(crate(log)) = 0.4.17 Provides: bundled(crate(lock_api)) = 0.4.10
Provides: bundled(crate(log)) = 0.4.19
Provides: bundled(crate(lru)) = 0.7.8 Provides: bundled(crate(lru)) = 0.7.8
Provides: bundled(crate(memoffset)) = 0.6.5 Provides: bundled(crate(memchr)) = 2.5.0
Provides: bundled(crate(once_cell)) = 1.13.1 Provides: bundled(crate(memoffset)) = 0.9.0
Provides: bundled(crate(openssl)) = 0.10.41 Provides: bundled(crate(miniz_oxide)) = 0.7.1
Provides: bundled(crate(openssl-macros)) = 0.1.0 Provides: bundled(crate(object)) = 0.31.1
Provides: bundled(crate(openssl-sys)) = 0.9.75 Provides: bundled(crate(once_cell)) = 1.18.0
Provides: bundled(crate(openssl)) = 0.10.56
Provides: bundled(crate(openssl-macros)) = 0.1.1
Provides: bundled(crate(openssl-sys)) = 0.9.91
Provides: bundled(crate(parking_lot)) = 0.11.2 Provides: bundled(crate(parking_lot)) = 0.11.2
Provides: bundled(crate(parking_lot_core)) = 0.8.5 Provides: bundled(crate(parking_lot_core)) = 0.8.6
Provides: bundled(crate(paste)) = 0.1.18 Provides: bundled(crate(paste)) = 0.1.18
Provides: bundled(crate(paste-impl)) = 0.1.18 Provides: bundled(crate(paste-impl)) = 0.1.18
Provides: bundled(crate(pin-project-lite)) = 0.2.9 Provides: bundled(crate(pin-project-lite)) = 0.2.12
Provides: bundled(crate(pkg-config)) = 0.3.25 Provides: bundled(crate(pkg-config)) = 0.3.27
Provides: bundled(crate(ppv-lite86)) = 0.2.16 Provides: bundled(crate(ppv-lite86)) = 0.2.17
Provides: bundled(crate(proc-macro-hack)) = 0.5.19 Provides: bundled(crate(proc-macro-hack)) = 0.5.20+deprecated
Provides: bundled(crate(proc-macro2)) = 1.0.43 Provides: bundled(crate(proc-macro2)) = 1.0.66
Provides: bundled(crate(pwdchan)) = 0.1.0 Provides: bundled(crate(pwdchan)) = 0.1.0
Provides: bundled(crate(quote)) = 1.0.21 Provides: bundled(crate(quote)) = 1.0.32
Provides: bundled(crate(rand)) = 0.8.5 Provides: bundled(crate(rand)) = 0.8.5
Provides: bundled(crate(rand_chacha)) = 0.3.1 Provides: bundled(crate(rand_chacha)) = 0.3.1
Provides: bundled(crate(rand_core)) = 0.6.3 Provides: bundled(crate(rand_core)) = 0.6.4
Provides: bundled(crate(redox_syscall)) = 0.2.16 Provides: bundled(crate(redox_syscall)) = 0.2.16
Provides: bundled(crate(remove_dir_all)) = 0.5.3 Provides: bundled(crate(redox_syscall)) = 0.3.5
Provides: bundled(crate(ryu)) = 1.0.11 Provides: bundled(crate(rustc-demangle)) = 0.1.23
Provides: bundled(crate(scopeguard)) = 1.1.0 Provides: bundled(crate(rustix)) = 0.38.8
Provides: bundled(crate(serde)) = 1.0.143 Provides: bundled(crate(ryu)) = 1.0.15
Provides: bundled(crate(serde_derive)) = 1.0.143 Provides: bundled(crate(scopeguard)) = 1.2.0
Provides: bundled(crate(serde_json)) = 1.0.83 Provides: bundled(crate(serde)) = 1.0.183
Provides: bundled(crate(serde_derive)) = 1.0.183
Provides: bundled(crate(serde_json)) = 1.0.104
Provides: bundled(crate(slapd)) = 0.1.0 Provides: bundled(crate(slapd)) = 0.1.0
Provides: bundled(crate(slapi_r_plugin)) = 0.1.0 Provides: bundled(crate(slapi_r_plugin)) = 0.1.0
Provides: bundled(crate(smallvec)) = 1.9.0 Provides: bundled(crate(smallvec)) = 1.11.0
Provides: bundled(crate(strsim)) = 0.8.0 Provides: bundled(crate(strsim)) = 0.8.0
Provides: bundled(crate(syn)) = 1.0.99 Provides: bundled(crate(syn)) = 1.0.109
Provides: bundled(crate(synstructure)) = 0.12.6 Provides: bundled(crate(syn)) = 2.0.28
Provides: bundled(crate(tempfile)) = 3.3.0 Provides: bundled(crate(tempfile)) = 3.7.1
Provides: bundled(crate(textwrap)) = 0.11.0 Provides: bundled(crate(textwrap)) = 0.11.0
Provides: bundled(crate(tokio)) = 1.20.1 Provides: bundled(crate(tokio)) = 1.30.0
Provides: bundled(crate(tokio-macros)) = 1.8.0 Provides: bundled(crate(tokio-macros)) = 2.1.0
Provides: bundled(crate(toml)) = 0.5.9 Provides: bundled(crate(toml)) = 0.5.11
Provides: bundled(crate(unicode-ident)) = 1.0.3 Provides: bundled(crate(unicode-ident)) = 1.0.11
Provides: bundled(crate(unicode-width)) = 0.1.9 Provides: bundled(crate(unicode-width)) = 0.1.10
Provides: bundled(crate(unicode-xid)) = 0.2.3
Provides: bundled(crate(uuid)) = 0.8.2 Provides: bundled(crate(uuid)) = 0.8.2
Provides: bundled(crate(vcpkg)) = 0.2.15 Provides: bundled(crate(vcpkg)) = 0.2.15
Provides: bundled(crate(vec_map)) = 0.8.2 Provides: bundled(crate(vec_map)) = 0.8.2
@ -142,8 +154,18 @@ Provides: bundled(crate(wasi)) = 0.11.0+wasi_snapshot_preview1
Provides: bundled(crate(winapi)) = 0.3.9 Provides: bundled(crate(winapi)) = 0.3.9
Provides: bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0 Provides: bundled(crate(winapi-i686-pc-windows-gnu)) = 0.4.0
Provides: bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0 Provides: bundled(crate(winapi-x86_64-pc-windows-gnu)) = 0.4.0
Provides: bundled(crate(zeroize)) = 1.5.7 Provides: bundled(crate(windows-sys)) = 0.48.0
Provides: bundled(crate(zeroize_derive)) = 1.3.2 Provides: bundled(crate(windows-targets)) = 0.48.1
Provides: bundled(crate(windows_aarch64_gnullvm)) = 0.48.0
Provides: bundled(crate(windows_aarch64_msvc)) = 0.48.0
Provides: bundled(crate(windows_i686_gnu)) = 0.48.0
Provides: bundled(crate(windows_i686_msvc)) = 0.48.0
Provides: bundled(crate(windows_x86_64_gnu)) = 0.48.0
Provides: bundled(crate(windows_x86_64_gnullvm)) = 0.48.0
Provides: bundled(crate(windows_x86_64_msvc)) = 0.48.0
Provides: bundled(crate(zeroize)) = 1.6.0
Provides: bundled(crate(zeroize_derive)) = 1.4.2
##### Bundled cargo crates list - END ##### ##### Bundled cargo crates list - END #####
BuildRequires: nspr-devel >= 4.32 BuildRequires: nspr-devel >= 4.32
@ -175,6 +197,8 @@ BuildRequires: openssl-devel
BuildRequires: pam-devel BuildRequires: pam-devel
BuildRequires: systemd-units BuildRequires: systemd-units
BuildRequires: systemd-devel BuildRequires: systemd-devel
BuildRequires: systemd-rpm-macros
%{?sysusers_requires_compat}
%if %{use_asan} %if %{use_asan}
BuildRequires: libasan BuildRequires: libasan
%endif %endif
@ -208,6 +232,7 @@ BuildRequires: python%{python3_pkgversion}-argcomplete
BuildRequires: python%{python3_pkgversion}-argparse-manpage BuildRequires: python%{python3_pkgversion}-argparse-manpage
BuildRequires: python%{python3_pkgversion}-libselinux BuildRequires: python%{python3_pkgversion}-libselinux
BuildRequires: python%{python3_pkgversion}-policycoreutils BuildRequires: python%{python3_pkgversion}-policycoreutils
BuildRequires: python%{python3_pkgversion}-cryptography
# For cockpit # For cockpit
%if %{use_cockpit} %if %{use_cockpit}
@ -269,10 +294,8 @@ Source2: %{name}-devel.README
%if %{bundle_jemalloc} %if %{bundle_jemalloc}
Source3: https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2 Source3: https://github.com/jemalloc/%{jemalloc_name}/releases/download/%{jemalloc_ver}/%{jemalloc_name}-%{jemalloc_ver}.tar.bz2
%endif %endif
Patch01: 0001-Issue-3729-cont-RFE-Extend-log-of-operations-statist.patch Source4: 389-ds-base.sysusers
Patch02: 0002-Issue-5544-Increase-default-task-TTL.patch Patch01: 0001-Update-cargo-toml-file
Patch03: 0003-Issue-5413-Allow-mutliple-MemberOf-fixup-tasks-with-.patch
%description %description
389 Directory Server is an LDAPv3 compliant server. The base package includes 389 Directory Server is an LDAPv3 compliant server. The base package includes
@ -353,6 +376,7 @@ Requires: python%{python3_pkgversion}-argcomplete
Requires: python%{python3_pkgversion}-libselinux Requires: python%{python3_pkgversion}-libselinux
Requires: python%{python3_pkgversion}-setuptools Requires: python%{python3_pkgversion}-setuptools
%{?python_provide:%python_provide python%{python3_pkgversion}-lib389} %{?python_provide:%python_provide python%{python3_pkgversion}-lib389}
Requires: python%{python3_pkgversion}-cryptography
%description -n python%{python3_pkgversion}-lib389 %description -n python%{python3_pkgversion}-lib389
This module contains tools and libraries for accessing, testing, This module contains tools and libraries for accessing, testing,
@ -499,6 +523,7 @@ mkdir -p $RPM_BUILD_ROOT/var/lock/%{pkgname}
# for systemd # for systemd
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/%{groupname}.wants mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/%{groupname}.wants
install -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysusersdir}/389-ds-base.conf
# remove libtool archives and static libs # remove libtool archives and static libs
rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/*.a
@ -531,22 +556,8 @@ fi
# reload to pick up any changes to systemd files # reload to pick up any changes to systemd files
/bin/systemctl daemon-reload >$output 2>&1 || : /bin/systemctl daemon-reload >$output 2>&1 || :
# https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Soft_static_allocation # sysusers.d format https://fedoraproject.org/wiki/Changes/Adopting_sysusers.d_format
# Soft static allocation for UID and GID %sysusers_create_compat %{SOURCE4}
USERNAME="dirsrv"
ALLOCATED_UID=389
GROUPNAME="dirsrv"
ALLOCATED_GID=389
HOMEDIR="/usr/share/dirsrv"
getent group $GROUPNAME >/dev/null || /usr/sbin/groupadd -f -g $ALLOCATED_GID -r $GROUPNAME
if ! getent passwd $USERNAME >/dev/null ; then
if ! getent passwd $ALLOCATED_UID >/dev/null ; then
/usr/sbin/useradd -r -u $ALLOCATED_UID -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
else
/usr/sbin/useradd -r -g $GROUPNAME -d $HOMEDIR -s /sbin/nologin -c "user for 389-ds-base" $USERNAME
fi
fi
# Reload our sysctl before we restart (if we can) # Reload our sysctl before we restart (if we can)
sysctl --system &> $output; true sysctl --system &> $output; true
@ -620,6 +631,7 @@ exit 0
%config(noreplace)%{_sysconfdir}/%{pkgname}/schema/*.ldif %config(noreplace)%{_sysconfdir}/%{pkgname}/schema/*.ldif
%dir %{_sysconfdir}/%{pkgname}/config %dir %{_sysconfdir}/%{pkgname}/config
%dir %{_sysconfdir}/systemd/system/%{groupname}.wants %dir %{_sysconfdir}/systemd/system/%{groupname}.wants
%{_sysusersdir}/389-ds-base.conf
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/slapd-collations.conf %config(noreplace)%{_sysconfdir}/%{pkgname}/config/slapd-collations.conf
%config(noreplace)%{_sysconfdir}/%{pkgname}/config/certmap.conf %config(noreplace)%{_sysconfdir}/%{pkgname}/config/certmap.conf
%{_datadir}/%{pkgname} %{_datadir}/%{pkgname}
@ -723,6 +735,11 @@ exit 0
%endif %endif
%changelog %changelog
* Mon Aug 14 2023 Mark Reynolds <mreynolds@redhat.com> - 2.2.4-5
- Bump version to 2.2.4-5
- Resolves: rhbz#1974242 - Paged search impacts performance
- Resolves: rhbz#2224503 - dsconf ERROR: Error: name 'log' is not defined
* Tue Dec 13 2022 Mark Reynolds <mreynolds@redhat.com> - 2.2.4-3 * Tue Dec 13 2022 Mark Reynolds <mreynolds@redhat.com> - 2.2.4-3
- Bump version to 2.2.4-3 - Bump version to 2.2.4-3
- Resolves: rhbz#2142636 - pam mutex lock causing high etimes, affecting red hat internal sso - Resolves: rhbz#2142636 - pam mutex lock causing high etimes, affecting red hat internal sso

Loading…
Cancel
Save