On Mon, May 11, 2015 at 03:18:55PM +0200, Lukas Slebodnik wrote: > On (11/05/15 12:51), Jakub Hrozek wrote: > >On Mon, May 11, 2015 at 11:15:29AM +0200, Lukas Slebodnik wrote: > >> Please document in man pages that it is not possible to turn off clean-up > >> task > >> with enabled enumeration and that default value is 10800 in that case. > > > >OK, see the attached patch. > > >From 049fe229e1e6ae1550cf26fe1ccd289340f10118 Mon Sep 17 00:00:00 2001 > >From: Jakub Hrozek <jhro...@redhat.com> > >Date: Tue, 28 Apr 2015 13:16:51 +0200 > >Subject: [PATCH] LDAP: disable the cleanup task by default > > > >Resolves: > > https://fedorahosted.org/sssd/ticket/2627 > > > >The cleanup task was designed to keep the cache size within certain > >limits. This is how it roughly works now: > > - find users who have never logged in by default. If > > account_cache_expiration is set, find users who loggged in later > > than account_cache_expiration > > - delete the matching set of users > > - find groups that have no members > > - delete the matching set of groups > > > >So unless account_cache_expiration is set to something sensible, only empty > >groups and expired users who never logged in are removed and that's quite > >a corner case. The above effectivelly walks the whole database, especially > >the groups step is quite slow with a huge database. The whole cleanup task > >also runs in a single sysdb transaction, which means all other transactions > >are blocked while the cleanup task crunches the database. > >--- > > src/man/sssd-ldap.5.xml | 9 +++++++-- > > src/providers/ad/ad_opts.h | 2 +- > > src/providers/ipa/ipa_opts.h | 2 +- > > src/providers/ldap/ldap_id_enum.c | 19 +++++++++++++++++++ > > src/providers/ldap/ldap_opts.h | 2 +- > > 5 files changed, 29 insertions(+), 5 deletions(-) > > > >diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml > >index > >83ec9b668fc129859646c01a0b690cabece0df32..9756a554701462a094c538bd00cf74b1b622c280 > > 100644 > >--- a/src/man/sssd-ldap.5.xml > >+++ b/src/man/sssd-ldap.5.xml > >@@ -719,10 +719,15 @@ > > </para> > > <para> > > Setting this option to zero will disable the > >- cache cleanup operation. > >+ cache cleanup operation. Please note that if > >+ enumeration is enabled, the cleanup task is > >+ required in order to detect entries removed from > >+ the server and can't be disabled. By default, > >+ the cleanup task will run every 3 hours with > >+ enumeration enabled. > > </para> > > <para> > >- Default: 10800 (3 hours) > >+ Default: 0 (disabled) > > </para> > > </listitem> > > </varlistentry> > Code wise ACK. > http://sssd-ci.duckdns.org/logs/job/15/08/summary.html > > It would be good to have a blessing for man page from native speaker.
Stephen, do you have a minute to check if the manpage hunk sounds good? _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
