Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.2:Staging:A
sssd
0016-MONITOR-Add-a-new-option-to-control-resolv...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0016-MONITOR-Add-a-new-option-to-control-resolv.conf-moni.patch of Package sssd
From 5b1434630b52399902e1ff72815c36bc6fedfbfd Mon Sep 17 00:00:00 2001 From: Samuel Cabrero <scabrero@suse.de> Date: Mon, 2 Sep 2019 15:31:09 +0200 Subject: [PATCH 16/18] MONITOR: Add a new option to control resolv.conf monitoring For those use-cases where resolv.conf will never exist the new 'monitor_resolv_conf' option can be set to false to skip the retry loop which tries to set the inotify watcher. Signed-off-by: Samuel Cabrero <scabrero@suse.de> Reviewed-by: Sumit Bose <sbose@redhat.com> (cherry picked from commit 9b6323d8e99c3edb16b64ef60a769efbc3a292aa) --- src/confdb/confdb.h | 1 + src/config/SSSDConfigTest.py | 1 + src/config/cfg_rules.ini | 1 + src/config/etc/sssd.api.conf | 1 + src/man/sssd.conf.5.xml | 23 ++++++++++++----- src/monitor/monitor.c | 49 ++++++++++++++++++++++++++++-------- 6 files changed, 59 insertions(+), 17 deletions(-) diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index c97a9b804..3f07c1a91 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -66,6 +66,7 @@ #define CONFDB_MONITOR_SBUS_TIMEOUT "sbus_timeout" #define CONFDB_MONITOR_ACTIVE_SERVICES "services" #define CONFDB_MONITOR_ACTIVE_DOMAINS "domains" +#define CONFDB_MONITOR_RESOLV_CONF "monitor_resolv_conf" #define CONFDB_MONITOR_TRY_INOTIFY "try_inotify" #define CONFDB_MONITOR_KRB5_RCACHEDIR "krb5_rcache_dir" #define CONFDB_MONITOR_DEFAULT_DOMAIN "default_domain_suffix" diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 87d1f6e64..488ae5da4 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -373,6 +373,7 @@ class SSSDConfigTestSSSDService(unittest.TestCase): 'enable_files_domain', 'domain_resolution_order', 'try_inotify', + 'monitor_resolv_conf', ] self.assertTrue(type(options) == dict, diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini index 2f63942b7..c8d63d5f6 100644 --- a/src/config/cfg_rules.ini +++ b/src/config/cfg_rules.ini @@ -51,6 +51,7 @@ option = disable_netlink option = enable_files_domain option = domain_resolution_order option = try_inotify +option = monitor_resolv_conf [rule/allowed_nss_options] validator = ini_allowed_options diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 2be2e3e68..69beec875 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -34,6 +34,7 @@ disable_netlink = bool, None, false enable_files_domain = str, None, false domain_resolution_order = list, str, false try_inotify = bool, None, false +monitor_resolv_conf = bool, None, false [nss] # Name service diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index dc6a3c941..21a62fb55 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -318,16 +318,27 @@ </para> </listitem> </varlistentry> + <varlistentry> + <term>monitor_resolv_conf (boolean)</term> + <listitem> + <para> + Controls if SSSD should monitor the state of + resolv.conf to identify when it needs to + update its internal DNS resolver. + </para> + <para> + Default: true + </para> + </listitem> + </varlistentry> <varlistentry> <term>try_inotify (boolean)</term> <listitem> <para> - SSSD monitors the state of resolv.conf to - identify when it needs to update its internal - DNS resolver. By default, we will attempt to - use inotify for this, and will fall back to - polling resolv.conf every five seconds if - inotify cannot be used. + By default, SSSD will attempt to use inotify + to monitor configuration files changes and + will fall back to polling every five seconds + if inotify cannot be used. </para> <para> There are some limited situations where it is diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index f41cfad92..7d1c1c79b 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -1951,13 +1951,46 @@ static void missing_resolv_conf(struct tevent_context *ev, } } +static int monitor_config_files(struct mt_ctx *ctx) +{ + int ret; + bool monitor_resolv_conf; + struct timeval tv; + struct tevent_timer *te; + + /* Watch for changes to the DNS resolv.conf */ + ret = confdb_get_bool(ctx->cdb, + CONFDB_MONITOR_CONF_ENTRY, + CONFDB_MONITOR_RESOLV_CONF, + true, &monitor_resolv_conf); + if (ret != EOK) { + return ret; + } + + if (monitor_resolv_conf) { + ret = monitor_config_file(ctx, ctx, monitor_update_resolv, + RESOLV_CONF_PATH); + if (ret == ENOENT) { + tv = tevent_timeval_current_ofs(MISSING_RESOLV_CONF_POLL_TIME, 0); + te = tevent_add_timer(ctx->ev, ctx, tv, missing_resolv_conf, ctx); + if (te == NULL) { + DEBUG(SSSDBG_FATAL_FAILURE, "resolv.conf will be ignored\n"); + } + } else if (ret != EOK) { + return ret; + } + } else { + DEBUG(SSS_LOG_NOTICE, "%s monitoring is disabled\n", RESOLV_CONF_PATH); + } + + return EOK; +} + static int monitor_process_init(struct mt_ctx *ctx, const char *config_file) { TALLOC_CTX *tmp_ctx; struct tevent_signal *tes; - struct timeval tv; - struct tevent_timer *te; struct sss_domain_info *dom; char *rcachedir; int num_providers; @@ -2032,15 +2065,9 @@ static int monitor_process_init(struct mt_ctx *ctx, ret = sss_sigchld_init(ctx, ctx->ev, &ctx->sigchld_ctx); if (ret != EOK) return ret; - /* Watch for changes to the DNS resolv.conf */ - ret = monitor_config_file(ctx, ctx, monitor_update_resolv, RESOLV_CONF_PATH); - if (ret == ENOENT) { - tv = tevent_timeval_current_ofs(MISSING_RESOLV_CONF_POLL_TIME, 0); - te = tevent_add_timer(ctx->ev, ctx, tv, missing_resolv_conf, ctx); - if (te == NULL) { - DEBUG(SSSDBG_FATAL_FAILURE, "resolv.conf will be ignored\n"); - } - } else if (ret != EOK) { + /* Set up watchers for system config files */ + ret = monitor_config_files(ctx); + if (ret != EOK) { return ret; } -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor