Skip Menu |
 

Date: Thu, 26 Mar 2015 06:43:28 -0400
From: John Devitofranceschi <jdvf@optonline.net>
Subject: patch for kpropd -t (runonce) full propagation
To: krb5-bugs@mit.edu
Download (untitled) / with headers
text/plain 2.6KiB
I've been looking at the code for kpropd and I came up with this patch.

It allows the fullprop child to live, if necessary AND it picks up all the incremental changes to boot!

--- kpropd.c- 2015-02-11 22:16:43.000000000 -0500
+++ kpropd.c 2015-03-25 21:10:17.147687869 -0400
@@ -92,6 +92,7 @@

char *def_realm = NULL;
int runonce = 0;
+int waitfor_do_standalone = 0;

/*
* This struct simulates the use of _kadm5_server_handle_t
@@ -321,8 +322,15 @@
default:
retval = do_iprop();
/* do_iprop() can return due to failures and runonce. */
- kill(fullprop_child, SIGHUP);
- wait(NULL);
+ if (runonce == 1 && waitfor_do_standalone == 1) {
+ int status;
+ (void) waitpid(fullprop_child, &status, 0);
+ waitfor_do_standalone++;
+ retval = main(argc, argv); /* pick up incremental changes, too */
+ } else {
+ kill(fullprop_child, SIGHUP);
+ wait(NULL);
+ }
if (retval)
com_err(progname, retval, _("do_iprop failed.\n"));
else
@@ -841,6 +849,7 @@
fprintf(stderr, _("Full resync request granted\n"));
syslog(LOG_INFO, _("Full resync request granted."));
backoff_cnt = 0;
+ waitfor_do_standalone++;
break;

case UPDATE_BUSY:




Here it is in action:

Needing fullprop:
$ sudo ./kpropd -d -t
ready
Incremental propagation enabled
waiting for a kprop connection
Initializing kadm5 as client kiprop/topper21.foonon.com@FOONON.COM
kadm5 initialization succeeded
Calling iprop_get_updates_1 (sno=0 sec=1427332239 usec=919246)
Full resync needed
Full resync request granted
Connection from endless.foonon.com
krb5_recvauth(5, kprop5_01, host/topper21.foonon.com@FOONON.COM, ...)
authenticated client: host/endless.foonon.com@FOONON.COM (etype == AES-256 CTS mode with 96-bit SHA-1 HMAC)
Full propagation transfer started.
Full propagation transfer finished.
calling kdb5_util to load database
Load PID is 26490
Database load process for full propagation completed.
ready
Incremental propagation enabled
waiting for a kprop connection
Initializing kadm5 as client kiprop/topper21.foonon.com@FOONON.COM
kadm5 initialization succeeded
Calling iprop_get_updates_1 (sno=1 sec=1427036750 usec=158517)
Got incremental updates (sno=16 sec=1427279653 usec=832057)
Incremental updates: 15 updates / 32778 us

Everything up to date:
$ sudo ./kpropd -d -t
ready
Incremental propagation enabled
waiting for a kprop connection
Initializing kadm5 as client kiprop/topper21.foonon.com@FOONON.COM
kadm5 initialization succeeded
Calling iprop_get_updates_1 (sno=16 sec=1427279653 usec=832057)
KDC is synchronized with master.
Some mailing list context for this change is at http://mailman.mit.edu/pipermail/krbdev/2015-
March/012321.html
I created https://github.com/krb5/krb5/pull/267 for this patch.
From: ghudson@mit.edu
Subject: git commit

In kpropd, poll after finishing resync

When kpropd operates in iprop mode, full resyncs are handled by a
child process. After a full resync, we want to poll for incremental
updates, as the dump we received may have come from a pre-existing
dump file which was not current. To make this polling happen
promptly, signal the parent process from the child process after a
dump is received.

With this change, t_iprop.py no longer has to prod kpropd after a full
resync occurs, so remove that logic.

https://github.com/krb5/krb5/commit/c19fee0a748dd26ba6ac62118cf4b9ebec36ba2f
Author: Greg Hudson <ghudson@mit.edu>
Commit: c19fee0a748dd26ba6ac62118cf4b9ebec36ba2f
Branch: master
src/slave/kpropd.c | 6 +++++-
src/tests/t_iprop.py | 8 +-------
2 files changed, 6 insertions(+), 8 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Document kpropd -t and fix it in iprop mode

If kpropd is asked to run just once, don't exit after starting a full
resync; we want to wait for the fullprop child to process the request,
and then request incremental updates afterwards. Also don't exit from
do_standalone() in the fullprop child, in case multiple full resyncs
are required to get the database up to date.

Document the -t flag in kpropd.rst.

https://github.com/krb5/krb5/commit/334f761ba485e4af6d5fb8822e276d4590b97bf5
Author: Greg Hudson <ghudson@mit.edu>
Commit: 334f761ba485e4af6d5fb8822e276d4590b97bf5
Branch: master
doc/admin/admin_commands/kpropd.rst | 7 +++++++
src/slave/kpropd.c | 4 ++--
2 files changed, 9 insertions(+), 2 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Add kpropd -t iprop-mode tests

Add a run_kpropd_once() method to K5Realm(), and add tests to
t_iprop.py for the cases where no updates are needed, where
incremental updates are needed, and where a full resync is needed
followed by a poll for updates.

https://github.com/krb5/krb5/commit/fa76eebe09c09063b64715da4b7bcb7a969848da
Author: Greg Hudson <ghudson@mit.edu>
Commit: fa76eebe09c09063b64715da4b7bcb7a969848da
Branch: master
src/tests/t_iprop.py | 46 ++++++++++++++++++++++++++++++++++++++++++++++
src/util/k5test.py | 19 ++++++++++++++-----
2 files changed, 60 insertions(+), 5 deletions(-)