Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
home:yukoff:openSUSE:Leap:42.1:Backports
sssd.6667
141030-2-NSS-disable-midpoint-refresh-for-netgr...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 141030-2-NSS-disable-midpoint-refresh-for-netgroups.patch of Package sssd.6667
From f933190722886ff23eab8148b473915908bc8c23 Mon Sep 17 00:00:00 2001 From: Pavel Reichl <preichl@redhat.com> Date: Thu, 30 Oct 2014 17:02:45 +0000 Subject: [PATCH] NSS: disable midpoint refresh for netgroups MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Disable midpoint refresh for netgroups if periodical refresh of expired netgroups is enabled (refresh_expired_interval) Resolves: https://fedorahosted.org/sssd/ticket/2102 Reviewed-by: Pavel Březina <pbrezina@redhat.com> diff -rupN sssd-1.11.5.1-original/src/responder/nss/nsssrv_cmd.c sssd-1.11.5.1-patched/src/responder/nss/nsssrv_cmd.c --- sssd-1.11.5.1-original/src/responder/nss/nsssrv_cmd.c 2017-01-31 16:57:41.492342926 +0100 +++ sssd-1.11.5.1-patched/src/responder/nss/nsssrv_cmd.c 2017-01-31 16:59:45.089663171 +0100 @@ -502,6 +502,25 @@ static int nss_cmd_getpw_send_reply(stru return EOK; } +/* Currently only refreshing expired netgroups is supported. */ +static bool +is_refreshed_on_bg(int req_type, + enum sss_dp_acct_type refresh_expired_interval) +{ + if (refresh_expired_interval == 0) { + return false; + } + + switch (req_type) { + case SSS_DP_NETGR: + return true; + default: + return false; + } + + return false; +} + static void nsssrv_dp_send_acct_req_done(struct tevent_req *req); /* FIXME: do not check res->count, but get in a msgs and check in parent */ @@ -531,20 +550,32 @@ errno_t check_cache(struct nss_dom_ctx * return ENOENT; } - /* if we have any reply let's check cache validity */ + /* if we have any reply let's check cache validity, but ignore netgroups + * if refresh_expired_interval is set (which implies that another method + * is used to refresh netgroups) + */ if (res->count > 0) { - if (req_type == SSS_DP_INITGROUPS) { - cacheExpire = ldb_msg_find_attr_as_uint64(res->msgs[0], - SYSDB_INITGR_EXPIRE, 1); - } - if (cacheExpire == 0) { - cacheExpire = ldb_msg_find_attr_as_uint64(res->msgs[0], - SYSDB_CACHE_EXPIRE, 0); + if (is_refreshed_on_bg(req_type, + dctx->domain->refresh_expired_interval)) { + ret = EOK; + } else { + if (req_type == SSS_DP_INITGROUPS) { + cacheExpire = ldb_msg_find_attr_as_uint64(res->msgs[0], + SYSDB_INITGR_EXPIRE, + 1); + } + if (cacheExpire == 0) { + cacheExpire = ldb_msg_find_attr_as_uint64(res->msgs[0], + SYSDB_CACHE_EXPIRE, + 0); + } + + /* if we have any reply let's check cache validity */ + ret = sss_cmd_check_cache(res->msgs[0], + nctx->cache_refresh_percent, + cacheExpire); } - /* if we have any reply let's check cache validity */ - ret = sss_cmd_check_cache(res->msgs[0], nctx->cache_refresh_percent, - cacheExpire); if (ret == EOK) { DEBUG(SSSDBG_TRACE_FUNC, ("Cached entry is valid, returning..\n")); return EOK;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor