https://fedorahosted.org/sssd/ticket/1318
Tested with getent, works fine. Thanks Jan
From 2277f5b62bd150c806a6320fa85ebe1efa010216 Mon Sep 17 00:00:00 2001 From: Jan Zeleny <jzel...@redhat.com> Date: Thu, 31 May 2012 18:08:46 -0400 Subject: [PATCH] Allow fast memcache timeout to be configurable https://fedorahosted.org/sssd/ticket/1318 --- src/confdb/confdb.h | 1 + src/config/etc/sssd.api.conf | 1 + src/man/sssd.conf.5.xml | 12 ++++++++++++ src/responder/nss/nsssrv.c | 14 ++++++++++++-- src/responder/nss/nsssrv_mmap_cache.c | 4 ++-- src/responder/nss/nsssrv_mmap_cache.h | 2 +- 6 files changed, 29 insertions(+), 5 deletions(-) diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index 2468f7e504b56c3c091b450058cc21a8b8887e45..5893897f9e85efb579d2996643098efb38fe6da9 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -86,6 +86,7 @@ #define CONFDB_NSS_ALLOWED_SHELL "allowed_shells" #define CONFDB_NSS_SHELL_FALLBACK "shell_fallback" #define CONFDB_NSS_DEFAULT_SHELL "default_shell" +#define CONFDB_MEMCACHE_TIMEOUT "memcache_timeout" /* PAM */ #define CONFDB_PAM_CONF_ENTRY "config/pam" diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index a1caa7b53be52a7a7165d268634a66ec1c74933d..e09a8bf033f38144cd9824e2592728c2898e3db2 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -38,6 +38,7 @@ vetoed_shells = list, str, false shell_fallback = str, None, false default_shell = str, None, false get_domains_timeout = int, None, false +memcache_timeout = int, None, false [pam] # Authentication service diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 8eaeb13ce0e2af97b19b0855d8cc7f5985659214..c946c6e1f77c09c02029e7e8a0598b02f063f1c4 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -543,6 +543,18 @@ </para> </listitem> </varlistentry> + <varlistentry> + <term>memcache_timeout (int)</term> + <listitem> + <para> + Specifies time in seconds for which records + in the in-memory cache will be valid + </para> + <para> + Default: 300 + </para> + </listitem> + </varlistentry> </variablelist> </refsect2> <refsect2 id='PAM'> diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index 9cb4a569722dcdab2bc6daaf55b13bb21aa6f2fd..85bf6dc821e8155c9acbef46bddef8d251a8d9fa 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -262,6 +262,7 @@ int nss_process_init(TALLOC_CTX *mem_ctx, struct sss_cmd_table *nss_cmds; struct be_conn *iter; struct nss_ctx *nctx; + int memcache_timeout; int ret, max_retries; int hret; int fd_limit; @@ -323,16 +324,25 @@ int nss_process_init(TALLOC_CTX *mem_ctx, } /* create mmap caches */ + ret = confdb_get_int(nctx->rctx->cdb, + CONFDB_NSS_CONF_ENTRY, + CONFDB_MEMCACHE_TIMEOUT, + 300, &memcache_timeout); + if (ret != EOK) { + DEBUG(0, ("Failed to set up automatic reconnection\n")); + return ret; + } + /* TODO: read cache sizes from configuration */ ret = sss_mmap_cache_init(nctx, "passwd", SSS_MC_PASSWD, - 50000, + 50000, (time_t)memcache_timeout, &nctx->pwd_mc_ctx); if (ret) { DEBUG(SSSDBG_CRIT_FAILURE, ("passwd mmap cache is DISABLED")); } ret = sss_mmap_cache_init(nctx, "group", SSS_MC_GROUP, - 50000, + 50000, (time_t)memcache_timeout, &nctx->grp_mc_ctx); if (ret) { DEBUG(SSSDBG_CRIT_FAILURE, ("group mmap cache is DISABLED")); diff --git a/src/responder/nss/nsssrv_mmap_cache.c b/src/responder/nss/nsssrv_mmap_cache.c index e60d06198bb828149b6bf2c5002a303a915d2f2a..07498a9b71981f17a657a919dcc458eb13e2cec2 100644 --- a/src/responder/nss/nsssrv_mmap_cache.c +++ b/src/responder/nss/nsssrv_mmap_cache.c @@ -602,7 +602,7 @@ static void sss_mc_header_update(struct sss_mc_ctx *mc_ctx, int status) errno_t sss_mmap_cache_init(TALLOC_CTX *mem_ctx, const char *name, enum sss_mc_type type, size_t n_elem, - struct sss_mc_ctx **mcc) + time_t timeout, struct sss_mc_ctx **mcc) { struct sss_mc_ctx *mc_ctx = NULL; unsigned int rseed; @@ -634,7 +634,7 @@ errno_t sss_mmap_cache_init(TALLOC_CTX *mem_ctx, const char *name, mc_ctx->type = type; - mc_ctx->valid_time_slot = 300; /* 5 min. FIXME: parametrize */ + mc_ctx->valid_time_slot = timeout; mc_ctx->file = talloc_asprintf(mc_ctx, "%s/%s", SSS_NSS_MCACHE_DIR, name); diff --git a/src/responder/nss/nsssrv_mmap_cache.h b/src/responder/nss/nsssrv_mmap_cache.h index 72fcf2206275503abb2ee4e11e048a248ed93c39..81241b24dbb60c104b46aa6861b8c9d21a6c3bad 100644 --- a/src/responder/nss/nsssrv_mmap_cache.h +++ b/src/responder/nss/nsssrv_mmap_cache.h @@ -32,7 +32,7 @@ enum sss_mc_type { errno_t sss_mmap_cache_init(TALLOC_CTX *mem_ctx, const char *name, enum sss_mc_type type, size_t n_elem, - struct sss_mc_ctx **mcc); + time_t valid_time, struct sss_mc_ctx **mcc); errno_t sss_mmap_cache_pw_store(struct sss_mc_ctx *mcc, struct sized_string *name, -- 1.7.7.6
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel