summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2010-02-24 10:20:48 +0100
committerStephen Gallagher <sgallagh@redhat.com>2010-02-25 08:40:28 -0500
commit980020c1ad798b79e7bb2c1618a04dd5cb7dd5cd (patch)
treebc082fd4dfcbf5ed6bc3f62b28bc6bca0d21c283
parent52e080ee2d50b6439b503695fb12808b3d0cc30b (diff)
downloadsssd-980020c1ad798b79e7bb2c1618a04dd5cb7dd5cd.tar.gz
sssd-980020c1ad798b79e7bb2c1618a04dd5cb7dd5cd.tar.bz2
sssd-980020c1ad798b79e7bb2c1618a04dd5cb7dd5cd.zip
Fix check for values of expiration limits
There were inconsistencies between what sssd.conf manpage said and what the code enforces.
-rw-r--r--src/man/sssd.conf.5.xml4
-rw-r--r--src/providers/ldap/ldap_common.c2
2 files changed, 3 insertions, 3 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 171d261b..a3ec028f 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -467,8 +467,8 @@
Number of days entries are left in cache after
last successful login before being removed during
a cleanup of the cache. 0 means keep forever.
- The value of this parameter must be bigger than
- offline_credentials_expiration.
+ The value of this parameter must be greater than or
+ equal to offline_credentials_expiration.
</para>
<para>
Default: 0 (unlimited)
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
index a67ea362..b5765c27 100644
--- a/src/providers/ldap/ldap_common.c
+++ b/src/providers/ldap/ldap_common.c
@@ -251,7 +251,7 @@ int ldap_get_options(TALLOC_CTX *memctx,
goto done;
}
if (offline_credentials_expiration && account_cache_expiration &&
- offline_credentials_expiration >= account_cache_expiration) {
+ offline_credentials_expiration > account_cache_expiration) {
DEBUG(1, ("Value of %s (now %d) must be larger "
"than value of %s (now %d)\n",
opts->basic[SDAP_ACCOUNT_CACHE_EXPIRATION].opt_name,