On 08/25/2010 09:36 AM, Jan Zelený wrote:
> -                            The main difference between these two schema 
> types is
> -                            how group memberships are recorded in the server.
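
Review bot: The two removed lines are the only visible statement of how the schema types differ ("how group memberships are recorded in the server"), and no `+` line in this hunk replaces them. If the sentence is being dropped because its wording was inaccurate, put a reworded sentence in its place so the man page still tells the reader what choosing one schema type over the other changes.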

I would personally prefer not to delete the above sentence altogether,
just rephrase it. Sorry for nitpicking, but I know that the schema
differences have been a cause of confusion among users, so I think we
should keep the documentation as descriptive as possible.

>                  <varlistentry>
> +                    <term>ldap_user_modify_timestamp (string)</term>
> +                    <listitem>
> +                        <para>
> +                            The LDAP attribute that contains timestamp of the
> +                            last modification of the parental object.
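
Review bot: The description of ldap_user_modify_timestamp is missing an article in "contains timestamp", and "parental object" should be "parent object". Suggested wording: "The LDAP attribute that contains the timestamp of the last modification of the parent object."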

This would better be answered by a native English speaker, but "parental
object" does not sound right to me; is just "parent object" better?

Also, in the description of most of the added ldap_user_* attributes, I
think that "this parameter" would sound better than just "this".

> +                <varlistentry>
> +                    <term>entry_cache_timeout (integer)</term>
> +                    <listitem>
> +                        <para>
> +                            This represents how long the record (either user 
> or
> +                            group) will be valid in cache after it is loaded.
> +                            Every record has the same timeout. The value is 
> in
> +                            seconds.
> +                        </para>
> +                        <para>
> +                            Default: 5400 (1.5 hours)
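
Review bot: The entry_cache_timeout paragraph says how long a record "will be valid in cache" but not what happens once that time has passed, and "Every record has the same timeout" can be read either as "users and groups share one value" or as "the value cannot be set per entry". State both explicitly. With a default of 5400 seconds the reader should also be able to tell from this text that a user or group record loaded into the cache is treated as valid for that long. "This represents" could be tightened to "Specifies" to match the wording used for account_cache_expiration.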

This option is already described in sssd.conf since it is used by the
proxy backend, too.

>                  <varlistentry>
> +                    <term>account_cache_expiration (integer)</term>
> +                    <listitem>
> +                        <para>
> +                            Specifies how many days have to pass without user
> +                            logged in before he can be deleted from cache
> +                            during cleanup. Zero disables account cleanup.
> +                        </para>
> +                        <para>
> +                            Default: 0
> +                        </para>
> +                    </listitem>
> +                </varlistentry>
> +
> +                <varlistentry>
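
Review bot: In the account_cache_expiration paragraph, "how many days have to pass without user logged in before he can be deleted" is ungrammatical and uses "he" for the account. Suggested wording: "Number of days an entry is kept in the cache after the user's last login before it can be removed during cleanup. A value of 0 disables account cleanup." The unit here is days while entry_cache_timeout is given in seconds, so it is worth keeping the unit prominent in the sentence. With "Default: 0" the cleanup is off unless configured, which the text could say directly.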

I'm wondering whether this should be considered a generic option,
similar to entry_cache_timeout and documented in sssd.conf. I think any
future back ends might implement a cleanup task, too, controlled by the
same parameter, even though LDAP is the only implemented ID provider so far.

Otherwise, looks good to me. Good work!

        Jakub