URL: https://github.com/SSSD/sssd/pull/705 Title: #705: KCM: Add configurable quotas
jhrozek commented: """ OK, I'll squash this diff: ``` diff --git a/src/responder/secrets/secsrv.c b/src/responder/secrets/secsrv.c index b18bbfd19..e783e231d 100644 --- a/src/responder/secrets/secsrv.c +++ b/src/responder/secrets/secsrv.c @@ -98,9 +98,6 @@ static int sec_get_config(struct sec_ctx *sctx) sctx->max_payload_size = 1; /* Read the global quota first -- this should be removed in a future release */ - /* Note that this sets the defaults for the sec_config quota to be used - * in sec_get_hive_config() - */ ret = sss_sec_get_quota(sctx->rctx->cdb, sctx->rctx->confdb_service_path, &dfl_sec_nest_level, @@ -114,6 +111,16 @@ static int sec_get_config(struct sec_ctx *sctx) goto fail; } + /* Use the global quota values as defaults for the secrets/secrets section */ + dfl_sec_nest_level.default_value = \ + sctx->sec_config.quota.containers_nest_level; + dfl_sec_max_secrets.default_value = \ + sctx->sec_config.quota.max_secrets; + dfl_sec_max_uid_secrets.default_value = \ + sctx->sec_config.quota.max_uid_secrets; + dfl_sec_max_payload_size.default_value = \ + sctx->sec_config.quota.max_payload_size; + /* Read the per-hive configuration */ ret = sss_sec_get_hive_config(sctx->rctx->cdb, "secrets", ``` Into "SECRETS: Use different option names from secrets and KCM for quota options". The previous code never used the (deprecated) quotas from the global [secrets] question. (The removed comment also gives a nice hint at what the previous code did) """ See the full comment at https://github.com/SSSD/sssd/pull/705#issuecomment-446359085
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org