From f75e5ac65bfcdb0136f18dfbc446d1bfbaaf67c0 Mon Sep 17 00:00:00 2001
From: Andrzej Jackowski
Date: Thu, 23 Apr 2026 08:08:06 +0200
Subject: [PATCH] auth: reload LDAP permission cache on local shard only
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The LDAP role manager's _cache_pruner fiber used invoke_on_all() to reload permissions on every shard. Since auth::service::start() runs on all shards in parallel via invoke_on_all(), the pruner on shard X could call reload_all_permissions() on shard Y before shard Y finished start() and set its permission loader, hitting SCYLLA_ASSERT(_permission_loader). The same cross-shard race existed during shutdown. Each shard runs its own pruner instance, so reloading locally is sufficient — all shards are still covered. This also removes redundant N-squared reload calls. Refs SCYLLADB-1679
---
 auth/ldap_role_manager.cc | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/auth/ldap_role_manager.cc b/auth/ldap_role_manager.cc
index 75b992c6a8..edef3d84b7 100644
--- a/auth/ldap_role_manager.cc
+++ b/auth/ldap_role_manager.cc
@@ -258,13 +258,11 @@ future<> ldap_role_manager::start() {
 } catch (const seastar::sleep_aborted&) {
 co_return; // ignore
 }
- co_await _cache.container().invoke_on_all([] (cache& c) -> future<> {
- try {
- co_await c.reload_all_permissions();
- } catch (...) {
- mylog.warn("Cache reload all permissions failed: {}", std::current_exception());
- }
- });
+ try {
+ co_await _cache.reload_all_permissions();
+ } catch (...) {
+ mylog.warn("Cache reload all permissions failed: {}", std::current_exception());
+ }
 }
 });
 return _std_mgr.start();
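Review bot: The local call `co_await _cache.reload_all_permissions();` is only safe if this shard's own permission loader is already set when the pruner's first sleep expires and remains set until the fiber has stopped, and nothing in the hunk states or enforces that ordering. The commit message addresses the cross-shard case; the same-shard ordering depends on the rest of start() and on the shutdown path, both of which lie outside this hunk, so it should be confirmed there. I would record the invariant at the call site, for example `// Local shard only: every shard runs its own pruner; relies on this shard's permission loader being set before the first reload and staying set until this fiber stops.` Separately, the retained `catch (...)` only logs a warning and continues, so a failing reload presumably leaves the previously cached permissions in effect until a later iteration succeeds; because this cache backs authorization decisions, that staleness window is worth a line in the same comment.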