Heiko Schlittermann
2021-Feb-25 11:17 UTC
doveadm user '*' vs sssd: enumeration works only once
Aki Tuomi <aki.tuomi at open-xchange.com> (Do 25 Feb 2021 12:06:43 CET):> > > > diff --git a/src/auth/userdb-passwd.c b/src/auth/userdb-passwd.c > > index 70b9969f6..4682dc873 100644 > > --- a/src/auth/userdb-passwd.c > > +++ b/src/auth/userdb-passwd.c > > @@ -208,6 +208,7 @@ static int passwd_iterate_deinit(struct userdb_iterate_context *_ctx) > > cur_userdb_iter_to = timeout_add(0, passwd_iterate_next_timeout, > > NULL); > > } > > + endpwent(); > > return ret; > > } > > > > > > -- > > Heiko > > Hi! > We'll look into it, might be that we are missing endpwent() there indeed.I'm not sure about the semantics of setpwent()/endpwent(), mayb the nss plugin (here sssd) should gracefully handle a missing endwent() if it sees a new setpwent(). But I think, it can't harm to call endpwent() on the dovecot side. I deployed a debian package with the above patch added onto my system, and it seems to work. So, should I file a bug report against dovecot? Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <https://dovecot.org/pipermail/dovecot/attachments/20210225/63939d9d/attachment.sig>
> On 25/02/2021 13:17 Heiko Schlittermann <hs at schlittermann.de> wrote: > > > Aki Tuomi <aki.tuomi at open-xchange.com> (Do 25 Feb 2021 12:06:43 CET): > > > > > > diff --git a/src/auth/userdb-passwd.c b/src/auth/userdb-passwd.c > > > index 70b9969f6..4682dc873 100644 > > > --- a/src/auth/userdb-passwd.c > > > +++ b/src/auth/userdb-passwd.c > > > @@ -208,6 +208,7 @@ static int passwd_iterate_deinit(struct userdb_iterate_context *_ctx) > > > cur_userdb_iter_to = timeout_add(0, passwd_iterate_next_timeout, > > > NULL); > > > } > > > + endpwent(); > > > return ret; > > > } > > > > > > > > > -- > > > Heiko > > > > Hi! > > We'll look into it, might be that we are missing endpwent() there indeed. > > I'm not sure about the semantics of setpwent()/endpwent(), mayb the nss > plugin (here sssd) should gracefully handle a missing endwent() if it > sees a new setpwent(). But I think, it can't harm to call endpwent() on > the dovecot side. > > I deployed a debian package with the above patch added onto my system, > and it seems to work. > > So, should I file a bug report against dovecot? > > Best regards from Dresden/Germany > Viele Gr??e aus Dresden > Heiko SchlittermannYou can consider it being filed. Aki
Heiko Schlittermann
2021-Feb-25 16:03 UTC
doveadm user '*' vs sssd: enumeration works only once
Heiko Schlittermann <hs at schlittermann.de> (Do 25 Feb 2021 12:17:55 CET):> > I'm not sure about the semantics of setpwent()/endpwent(), mayb the nss > plugin (here sssd) should gracefully handle a missing endwent() if it > sees a new setpwent(). But I think, it can't harm to call endpwent() on > the dovecot side. > > I deployed a debian package with the above patch added onto my system, > and it seems to work.I added a small patch to the sssd nss module, preventivly calling its internal endpwent() function, prior to setpwent(). This way I achive the same result, the user's list ist complete now. So, IMHO the bottom line is: it's not clear if a successive setpwent() should imply an automatic endpwent() on the nss side. -- Heiko -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: <https://dovecot.org/pipermail/dovecot/attachments/20210225/90fbc787/attachment.sig>