URL: https://github.com/SSSD/sssd/pull/528 Author: jhrozek Title: #528: NSS: Adjust netgroup setnetgrent cache lifetime if midpoint refresh is used Action: synchronized
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/528/head:pr528 git checkout pr528
From d7d83b2934876f14e0a4c77f66eb419fd4f909f7 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Mon, 5 Mar 2018 21:00:30 +0100 Subject: [PATCH] NSS: Adjust netgroup setnetgrent cache lifetime if midpoint refresh is used This is a minor regression compared to the state of the code before we converted the responders to cache_req. The NSS responder keeps a has table of netgroup objects in memory for either the lifetime of the netgroup, or, in case midpoint refresh is used, up to the midpoint refresh time. The case with the midpoint refresh was removed in the cache_req enabled code, which means that even if the netgroup was updated in the cache with the background refresh task, the object was never read from cache, but always still returned from the in-memory enumeration hash. Resolves: https://pagure.io/SSSD/sssd/issue/3550 --- src/responder/nss/nss_enum.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/responder/nss/nss_enum.c b/src/responder/nss/nss_enum.c index da844fbce..031db9f2e 100644 --- a/src/responder/nss/nss_enum.c +++ b/src/responder/nss/nss_enum.c @@ -280,7 +280,18 @@ nss_setnetgrent_set_timeout(struct tevent_context *ev, struct timeval tv; uint32_t timeout; - timeout = enum_ctx->result[0]->domain->netgroup_timeout; + if (nss_ctx->cache_refresh_percent) { + timeout = enum_ctx->result[0]->domain->netgroup_timeout * + (nss_ctx->cache_refresh_percent / 100.0); + } else { + timeout = enum_ctx->result[0]->domain->netgroup_timeout; + } + + /* In order to not trash the cache between setnetgrent()/getnetgrent() + * calls with too low timeout values, we only allow 10 seconds as + * the minimal timeout + */ + if (timeout < 10) timeout = 10; tv = tevent_timeval_current_ofs(timeout, 0); te = tevent_add_timer(ev, enum_ctx, tv, nss_setnetgrent_timeout, enum_ctx);
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org