Skip to content

SBUS: increase SBUS_MESSAGE_TIMEOUT to 5 mins #8367

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
alexey-tikhonov merged 2 commits into from
Jan 19, 2026
Merged

SBUS: increase SBUS_MESSAGE_TIMEOUT to 5 mins #8367

alexey-tikhonov merged 2 commits into from
Jan 19, 2026
+5 −3

Conversation

@alexey-tikhonov
Copy link
Member

@alexey-tikhonov alexey-tikhonov commented Jan 16, 2026

... and fixed an issue with 'client_idle_timer'

gemini-code-assist[bot]
gemini-code-assist bot reviewed Jan 16, 2026
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request increases the SBUS message timeout to 5 minutes to accommodate long-running operations and also fixes a bug in the client idle timer logic. The changes to the timer logic appear correct. However, a new check introduced to compare the client idle timeout with the SBUS message timeout contains a bug due to a unit mismatch (seconds vs. milliseconds), which I've commented on.

@alexey-tikhonov alexey-tikhonov marked this pull request as ready for review January 16, 2026 12:47
@alexey-tikhonov alexey-tikhonov added the coverity Trigger a coverity scan label Jan 16, 2026
sumit-bose
sumit-bose reviewed Jan 16, 2026
View reviewed changes
src/responder/common/responder_common.c Outdated
if (rctx->client_idle_timeout > SBUS_MESSAGE_TIMEOUT/1000) {
DEBUG(SSSDBG_CONF_SETTINGS, "'"CONFDB_RESPONDER_CLI_IDLE_TIMEOUT
"' is configured to a value %d - higher than SBUS_MESSAGE_TIMEOUT %d, "
"this usually doesn't make sense.\n",
Copy link
Contributor

@sumit-bose sumit-bose Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

if you add a comment here, it might be worth to add a similar comment to the client_idle_timeout man page entry as well.

bye,
Sumit

Copy link
Member Author

@alexey-tikhonov alexey-tikhonov Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe it's better to remove this warning...

'client_idle_timeout' > 'SBUS_MESSAGE_TIMEOUT' can be justified actually.
It can be used to keep fd open between client requests...

Copy link
Contributor

@sumit-bose sumit-bose Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine with removing it.

Copy link
Member Author

@alexey-tikhonov alexey-tikhonov Jan 16, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed.

@alexey-tikhonov alexey-tikhonov added coverity Trigger a coverity scan and removed coverity Trigger a coverity scan labels Jan 16, 2026
@alexey-tikhonov
Copy link
Member Author

alexey-tikhonov commented Jan 16, 2026

Note: Covscan is green.

@alexey-tikhonov alexey-tikhonov removed the coverity Trigger a coverity scan label Jan 16, 2026
sumit-bose
sumit-bose reviewed Jan 16, 2026
View reviewed changes
sumit-bose
sumit-bose approved these changes Jan 19, 2026
View reviewed changes
Copy link
Contributor

@sumit-bose sumit-bose left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

thank you, I have no further comments, ACK.

bye,
Sumit

@alexey-tikhonov @sssd-bot
SBUS: increase SBUS_MESSAGE_TIMEOUT to 5 mins
1a4696c 
Handling BE_REQ_INITGROUPS for LDAP user with 10k groups takes longer
than 2 mins.

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
@alexey-tikhonov @sssd-bot
RESPONDER: fixed an issue with 'client_idle_timer'
c8e14d0 
As it was implemented previously, effective period was 1.5*client_idle_timeout
instead of `client_idle_timeout` as documented.

Log with default value - 60 - before a fix:
```
(:49:12): [nss] [setup_client_idle_timer] (0x4000): Idle timer re-set for client [0x557af16f31b0][22]
(:49:42): [nss] [setup_client_idle_timer] (0x4000): Idle timer re-set for client [0x557af16f31b0][22]
(:50:12): [nss] [setup_client_idle_timer] (0x4000): Idle timer re-set for client [0x557af16f31b0][22]
(:50:42): [nss] [client_idle_handler] (0x2000): Terminating idle client [0x557af16f31b0][22]
```

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
@sssd-bot
Copy link
Contributor

sssd-bot commented Jan 19, 2026

The pull request was accepted by @alexey-tikhonov with the following PR CI status:

🟢 CodeFactor (success)
🟢 CodeQL (success)
🟢 osh-diff-scan:fedora-rawhide-x86_64:upstream (success)
🟢 rpm-build:centos-stream-10-x86_64:upstream (success)
🟢 rpm-build:fedora-42-x86_64:upstream (success)
🟢 rpm-build:fedora-43-x86_64:upstream (success)
🟢 rpm-build:fedora-rawhide-x86_64:upstream (success)
🟢 Analyze (target) / cppcheck (success)
🟢 Build / freebsd (success)
🟢 Build / make-distcheck (success)
🟢 ci / intgcheck (centos-10) (success)
🟢 ci / intgcheck (fedora-42) (success)
🟢 ci / intgcheck (fedora-43) (success)
🟢 ci / intgcheck (fedora-44) (success)
🟢 ci / prepare (success)
🟢 ci / system (centos-10) (success)
🟢 ci / system (fedora-42) (success)
🟢 ci / system (fedora-43) (success)
🔴 ci / system (fedora-44) (failure)
➖ Coverity scan / coverity (skipped)
🟢 Static code analysis / codeql (success)
🟢 Static code analysis / pre-commit (success)
🟢 Static code analysis / python-system-tests (success)

There are unsuccessful or unfinished checks. Make sure that the failures are not related to this pull request before merging.

@alexey-tikhonov alexey-tikhonov merged commit 7762901 into SSSD:master Jan 19, 2026
10 of 11 checks passed
This was referenced Jan 19, 2026
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sumit-bose sumit-bose sumit-bose approved these changes

@pbrezina pbrezina pbrezina approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@sumit-bose sumit-bose

@pbrezina pbrezina

Labels

Accepted backport-to-sssd-2-9-4 Corresponds to C8S backport-to-sssd-2-9 backport-to-sssd-2-11 backport-to-sssd-2-12

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@alexey-tikhonov @sssd-bot @sumit-bose @pbrezina