Discussion:
[SSSD] [sssd PR#5597][comment] sss_cache: reset original timestamp and USN
alexey-tikhonov
2021-05-06 14:35:28 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

alexey-tikhonov commented:
"""
Those 3 tests fail on every target:
```
FAIL test_sssctl.py::test_user_show_basic_sanity
FAIL test_sssctl.py::test_user_show_basic_fqname
FAIL test_sssctl.py::test_user_show_basic_fqname_insensitive
```
"""

See the full comment at https://github.com/SSSD/sssd/pull/5597#issuecomment-833573946
elkoniu
2021-05-07 09:55:58 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

elkoniu commented:
"""
Test environment:
- client machine
- LDAP server providing `user-1`

Result of test without and with this PR:
```
[VANILA]==========================================================
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# returned 1 records
# 1 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# id user-1
uid=10001(user-1) gid=10001(user-1) groups=10001(user-1)
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620384937
lastUpdate: 1620379537
objectCategory: user
originalModifyTimestamp: 20210507092448Z
entryUSN: 20210507092448Z
initgrExpireTimestamp: 1620384937
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# sss_cache -E
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
lastUpdate: 1620379537
objectCategory: user
originalModifyTimestamp: 20210507092448Z
entryUSN: 20210507092448Z
dataExpireTimestamp: 1
initgrExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals


[SUMIT PR]==========================================================
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# returned 1 records
# 1 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# id user-1
uid=10001(user-1) gid=10001(user-1) groups=10001(user-1)
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620386518
lastUpdate: 1620381118
objectCategory: user
originalModifyTimestamp: 20210507092448Z
entryUSN: 20210507092448Z
initgrExpireTimestamp: 1620386518
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# sss_cache -E
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
lastUpdate: 1620381118
objectCategory: user
dataExpireTimestamp: 1
initgrExpireTimestamp: 1
originalModifyTimestamp: 1
entryUSN: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
```
"""

See the full comment at https://github.com/SSSD/sssd/pull/5597#issuecomment-834227538
elkoniu
2021-05-07 10:04:32 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

elkoniu commented:
"""
Test environment:
- client machine
- LDAP server providing `user-1`

Result of the test without and with this PR:
```
[VANILA]==========================================================
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# returned 1 records
# 1 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# id user-1
uid=10001(user-1) gid=10001(user-1) groups=10001(user-1)
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620384937
lastUpdate: 1620379537
objectCategory: user
originalModifyTimestamp: 20210507092448Z
entryUSN: 20210507092448Z
initgrExpireTimestamp: 1620384937
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# sss_cache -E
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
lastUpdate: 1620379537
objectCategory: user
originalModifyTimestamp: 20210507092448Z
entryUSN: 20210507092448Z
dataExpireTimestamp: 1
initgrExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals


[SUMIT PR]==========================================================
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# returned 1 records
# 1 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# id user-1
uid=10001(user-1) gid=10001(user-1) groups=10001(user-1)
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620386518
lastUpdate: 1620381118
objectCategory: user
originalModifyTimestamp: 20210507092448Z
entryUSN: 20210507092448Z
initgrExpireTimestamp: 1620386518
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# sss_cache -E
#----------------------------------------------------------------
[***@master.client.vm /var/log/sssd]# ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
lastUpdate: 1620381118
objectCategory: user
dataExpireTimestamp: 1
initgrExpireTimestamp: 1
originalModifyTimestamp: 1
entryUSN: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
```
"""

See the full comment at https://github.com/SSSD/sssd/pull/5597#issuecomment-834227538
elkoniu
2021-05-07 12:00:42 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

elkoniu commented:
"""
Test environment:
- client machine
- LDAP server providing `user-1`

Test script:
```
#!/bin/bash

echo "RESTART SSSD ====================================================================="
systemctl stop sssd; sss_cache -E; rm -rf /var/lib/sss/db/*; rm -rf /var/log/sssd/*.log; systemctl start sssd
echo "FETCH USER ---------------------------------------------------------------------"
id user-1
echo "FETCH GROUP ---------------------------------------------------------------------"
getent group group-1
echo "USER TIMESTAMP CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
echo "GROUP TIMESTAMP CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Groups,cn=ldap.vm,cn=sysdb
echo "USER CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/cache_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
echo "GROUP CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/cache_ldap.vm.ldb -b cn=Groups,cn=ldap.vm,cn=sysdb
echo "CLEAR CACHE ---------------------------------------------------------------------"
sss_cache -E
echo "USER TIMESTAMP CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
echo "GROUP TIMESTAMP CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/timestamps_ldap.vm.ldb -b cn=Groups,cn=ldap.vm,cn=sysdb
echo "USER CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/cache_ldap.vm.ldb -b cn=Users,cn=ldap.vm,cn=sysdb
echo "GROUP CACHE ---------------------------------------------------------------------"
ldbsearch -H /var/lib/sss/db/cache_ldap.vm.ldb -b cn=Groups,cn=ldap.vm,cn=sysdb
```

Vanila SSSD result:
```RESTART SSSD =====================================================================
FETCH USER ---------------------------------------------------------------------
uid=10001(user-1) gid=10001(user-1) groups=10001(user-1),20002(group-2),20001(group-1)
FETCH GROUP ---------------------------------------------------------------------
group-1:*:20001:user-1
USER TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620393487
lastUpdate: 1620388087
objectCategory: user
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
initgrExpireTimestamp: 1620393487
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388087
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1620393487
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620393487
lastUpdate: 1620388087
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388087
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1620393487
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals
USER CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
fullName: user-1
gecos: user-1
gidNumber: 10001
homeDirectory: /home/user-1
name: user-***@ldap.vm
objectCategory: user
uidNumber: 10001
originalDN: cn=user-1,ou=users,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
isPosix: TRUE
lastUpdate: 1620388087
dataExpireTimestamp: 1620393487
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
initgrExpireTimestamp: 1620393487
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
gidNumber: 20002
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388087
isPosix: TRUE
originalDN: cn=group-2,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1620393487
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
gidNumber: 10001
name: user-***@ldap.vm
objectCategory: group
isPosix: TRUE
originalDN: cn=user-1,ou=posix_groups,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
lastUpdate: 1620388087
dataExpireTimestamp: 1620393487
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
gidNumber: 20001
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388087
isPosix: TRUE
originalDN: cn=group-1,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1620393487
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals
CLEAR CACHE ---------------------------------------------------------------------
USER TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388087
objectCategory: user
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1
initgrExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388087
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388087
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388087
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals
USER CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
fullName: user-1
gecos: user-1
gidNumber: 10001
homeDirectory: /home/user-1
name: user-***@ldap.vm
objectCategory: user
uidNumber: 10001
originalDN: cn=user-1,ou=users,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
isPosix: TRUE
lastUpdate: 1620388087
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
initgrExpireTimestamp: 1620393487
dataExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
gidNumber: 20002
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388087
isPosix: TRUE
originalDN: cn=group-2,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
gidNumber: 10001
name: user-***@ldap.vm
objectCategory: group
isPosix: TRUE
originalDN: cn=user-1,ou=posix_groups,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
lastUpdate: 1620388087
dataExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388087
gidNumber: 20001
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388087
isPosix: TRUE
originalDN: cn=group-1,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals


```

SSSD with this PR included result:
```
RESTART SSSD =====================================================================
FETCH USER ---------------------------------------------------------------------
uid=10001(user-1) gid=10001(user-1) groups=10001(user-1),20002(group-2),20001(group-1)
FETCH GROUP ---------------------------------------------------------------------
group-1:*:20001:user-1
USER TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620393598
lastUpdate: 1620388198
objectCategory: user
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
initgrExpireTimestamp: 1620393598
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388198
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1620393598
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1620393598
lastUpdate: 1620388198
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388198
objectCategory: group
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
dataExpireTimestamp: 1620393598
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals
USER CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
fullName: user-1
gecos: user-1
gidNumber: 10001
homeDirectory: /home/user-1
name: user-***@ldap.vm
objectCategory: user
uidNumber: 10001
originalDN: cn=user-1,ou=users,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
isPosix: TRUE
lastUpdate: 1620388198
dataExpireTimestamp: 1620393598
initgrExpireTimestamp: 0
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
gidNumber: 20002
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388198
isPosix: TRUE
originalDN: cn=group-2,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1620393598
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
gidNumber: 10001
name: user-***@ldap.vm
objectCategory: group
isPosix: TRUE
originalDN: cn=user-1,ou=posix_groups,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
lastUpdate: 1620388198
dataExpireTimestamp: 1620393598
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
gidNumber: 20001
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388198
isPosix: TRUE
originalDN: cn=group-1,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1620393598
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals
CLEAR CACHE ---------------------------------------------------------------------
USER TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388198
objectCategory: user
dataExpireTimestamp: 1
initgrExpireTimestamp: 1
originalModifyTimestamp: 1
entryUSN: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP TIMESTAMP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388198
objectCategory: group
dataExpireTimestamp: 1
originalModifyTimestamp: 1
entryUSN: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388198
objectCategory: group
dataExpireTimestamp: 1
originalModifyTimestamp: 1
entryUSN: 1
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
lastUpdate: 1620388198
objectCategory: group
dataExpireTimestamp: 1
originalModifyTimestamp: 1
entryUSN: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals
USER CACHE ---------------------------------------------------------------------
# record 1
dn: cn=users,cn=ldap.vm,cn=sysdb
cn: Users
distinguishedName: cn=users,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
fullName: user-1
gecos: user-1
gidNumber: 10001
homeDirectory: /home/user-1
name: user-***@ldap.vm
objectCategory: user
uidNumber: 10001
originalDN: cn=user-1,ou=users,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
isPosix: TRUE
lastUpdate: 1620388198
initgrExpireTimestamp: 0
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
memberof: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
dataExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb

# returned 2 records
# 2 entries
# 0 referrals
GROUP CACHE ---------------------------------------------------------------------
# record 1
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
gidNumber: 20002
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388198
isPosix: TRUE
originalDN: cn=group-2,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 2
dn: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
gidNumber: 10001
name: user-***@ldap.vm
objectCategory: group
isPosix: TRUE
originalDN: cn=user-1,ou=posix_groups,dc=ldap,dc=vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: user-***@ldap.vm
lastUpdate: 1620388198
dataExpireTimestamp: 1
distinguishedName: name=user-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 3
dn: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb
createTimestamp: 1620388198
gidNumber: 20001
name: group-***@ldap.vm
objectCategory: group
lastUpdate: 1620388198
isPosix: TRUE
originalDN: cn=group-1,ou=posix_groups,dc=ldap,dc=vm
member: name=user-***@ldap.vm,cn=users,cn=ldap.vm,cn=sysdb
memberuid: user-***@ldap.vm
originalModifyTimestamp: 20210507114537Z
entryUSN: 20210507114537Z
nameAlias: group-***@ldap.vm
dataExpireTimestamp: 1
distinguishedName: name=group-***@ldap.vm,cn=groups,cn=ldap.vm,cn=sysdb

# record 4
dn: cn=groups,cn=ldap.vm,cn=sysdb
cn: Groups
distinguishedName: cn=groups,cn=ldap.vm,cn=sysdb

# returned 4 records
# 4 entries
# 0 referrals

```
"""

See the full comment at https://github.com/SSSD/sssd/pull/5597#issuecomment-834227538
elkoniu
2021-05-07 12:14:28 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

elkoniu commented:
"""
The reason why upstream CI fails:
```
=================================== FAILURES ===================================
_________________________ test_user_show_basic_sanity __________________________
Traceback (most recent call last):
File "/shared/sssd/src/tests/intg/test_sssctl.py", line 227, in test_user_show_basic_sanity
assert output.find("Initgroups expiration time: Initgroups were not yet "
AssertionError: assert -1 != -1
+ where -1 = <built-in method find of str object at 0x7f9d65e46e00>('Initgroups expiration time: Initgroups were not yet performed')
+ where <built-in method find of str object at 0x7f9d65e46e00> = 'Name: user1\nCache entry creation date: 05/06/21 10:30:42\nCache entry last update time: 05/06/21 10:30:42\nCache entry expiration time: 05/06/21 12:00:42\nInitgroups expiration time: Expired\nCached in InfoPipe: No\n'.find
_________________________ test_user_show_basic_fqname __________________________
Traceback (most recent call last):
File "/shared/sssd/src/tests/intg/test_sssctl.py", line 255, in test_user_show_basic_fqname
assert output.find("Initgroups expiration time: Initgroups were not yet "
AssertionError: assert -1 != -1
+ where -1 = <built-in method find of str object at 0x7f9d65e468b0>('Initgroups expiration time: Initgroups were not yet performed')
+ where <built-in method find of str object at 0x7f9d65e468b0> = 'Name: ***@LDAP\nCache entry creation date: 05/06/21 10:30:44\nCache entry last update time: 05/06/21 10:30:44\nCache entry expiration time: 05/06/21 12:00:44\nInitgroups expiration time: Expired\nCached in InfoPipe: No\n'.find
___________________ test_user_show_basic_fqname_insensitive ____________________
Traceback (most recent call last):
File "/shared/sssd/src/tests/intg/test_sssctl.py", line 284, in test_user_show_basic_fqname_insensitive
assert output.find("Initgroups expiration time: Initgroups were not yet "
AssertionError: assert -1 != -1
+ where -1 = <built-in method find of str object at 0x7f9d65e46e00>('Initgroups expiration time: Initgroups were not yet performed')
+ where <built-in method find of str object at 0x7f9d65e46e00> = 'Name: ***@LDAP\nCache entry creation date: 05/06/21 10:30:46\nCache entry last update time: 05/06/21 10:30:46\nCache entry expiration time: 05/06/21 12:00:46\nInitgroups expiration time: Expired\nCached in InfoPipe: No\n'.find
```
"""

See the full comment at https://github.com/SSSD/sssd/pull/5597#issuecomment-834321019
sumit-bose
2021-05-07 14:55:00 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Author: sumit-bose
Title: #5597: sss_cache: reset original timestamp and USN
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5597/head:pr5597
git checkout pr5597
sumit-bose
2021-05-07 14:57:05 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

sumit-bose commented:
"""
Hi,

thank you for the review, I updated the second patch so that the new initial value is treated as "Initgroups were not yet performed" as well.

bye,
Sumit
"""

See the full comment at https://github.com/SSSD/sssd/pull/5597#issuecomment-834484638
elkoniu
2021-05-07 18:21:04 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

Label: +Accepted
pbrezina
2021-05-10 08:22:25 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

Label: +Ready to push
pbrezina
2021-05-10 09:13:51 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

pbrezina commented:
"""
Pushed PR: https://github.com/SSSD/sssd/pull/5597

* `master`
* c227ea4ecdc3d0528be2cb31bba4fd41d7c4df1b - sysdb: add SYSDB_INITGR_EXPIRE to new user objects
* de1709041daa2898a859e85b71be92c3b1931da4 - sss_cache: reset original timestamp and USN

"""

See the full comment at https://github.com/SSSD/sssd/pull/5597#issuecomment-836445559
pbrezina
2021-05-10 09:13:52 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

Label: +Pushed
pbrezina
2021-05-10 09:13:55 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

Label: -Ready to push
pbrezina
2021-05-10 09:13:58 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

Label: -Accepted
pbrezina
2021-05-10 09:14:00 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Author: sumit-bose
Title: #5597: sss_cache: reset original timestamp and USN
Action: closed

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5597/head:pr5597
git checkout pr5597
elkoniu
2021-05-10 12:31:02 UTC
Permalink
URL: https://github.com/SSSD/sssd/pull/5597
Title: #5597: sss_cache: reset original timestamp and USN

Label: +Bugzilla

Loading...