summaryrefslogtreecommitdiff
path: root/src/config/etc
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2010-02-16 14:11:00 +0100
committerStephen Gallagher <sgallagh@redhat.com>2010-02-23 16:16:25 -0500
commitaf81aaa57f82eab78647113c391bd84247f96150 (patch)
treeb68313b8e8a5f71c76fda78e5750cf86f794c72d /src/config/etc
parentf8c6a449412c6d5aa86609584fe4e530fd51a4b1 (diff)
downloadsssd-af81aaa57f82eab78647113c391bd84247f96150.tar.gz
sssd-af81aaa57f82eab78647113c391bd84247f96150.tar.bz2
sssd-af81aaa57f82eab78647113c391bd84247f96150.zip
Better cleanup task handling
Implements a different mechanism for cleanup task. Instead of just deleting expired entries, this patch adds a new option account_cache_expiration for domains. If an entry is expired and the last login was more days in the past that account_cache_expiration, the entry is deleted. Groups are deleted if they are expired and and no user references them (no user has memberof: attribute pointing at that group). The parameter account_cache_expiration is not LDAP-specific, so that other future backends might use the same timeout setting. Fixes: #391
Diffstat (limited to 'src/config/etc')
-rw-r--r--src/config/etc/sssd.api.conf1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf
index 35890acc..14ec3083 100644
--- a/src/config/etc/sssd.api.conf
+++ b/src/config/etc/sssd.api.conf
@@ -55,6 +55,7 @@ store_legacy_passwords = bool, None, false
use_fully_qualified_names = bool, None, false
entry_cache_timeout = int, None, false
lookup_family_order = str, None, false
+account_cache_expiration = int, None, false
# Special providers
[provider/permit]