summaryrefslogtreecommitdiff
path: root/src/man
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2010-02-16 14:11:00 +0100
committerStephen Gallagher <sgallagh@redhat.com>2010-02-23 16:16:25 -0500
commitaf81aaa57f82eab78647113c391bd84247f96150 (patch)
treeb68313b8e8a5f71c76fda78e5750cf86f794c72d /src/man
parentf8c6a449412c6d5aa86609584fe4e530fd51a4b1 (diff)
downloadsssd-af81aaa57f82eab78647113c391bd84247f96150.tar.gz
sssd-af81aaa57f82eab78647113c391bd84247f96150.tar.bz2
sssd-af81aaa57f82eab78647113c391bd84247f96150.zip
Better cleanup task handling
Implements a different mechanism for cleanup task. Instead of just deleting expired entries, this patch adds a new option account_cache_expiration for domains. If an entry is expired and the last login was more days in the past that account_cache_expiration, the entry is deleted. Groups are deleted if they are expired and and no user references them (no user has memberof: attribute pointing at that group). The parameter account_cache_expiration is not LDAP-specific, so that other future backends might use the same timeout setting. Fixes: #391
Diffstat (limited to 'src/man')
-rw-r--r--src/man/sssd.conf.5.xml15
1 files changed, 15 insertions, 0 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 665fa79e..171d261b 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -460,6 +460,21 @@
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>account_cache_expiration (integer)</term>
+ <listitem>
+ <para>
+ Number of days entries are left in cache after
+ last successful login before being removed during
+ a cleanup of the cache. 0 means keep forever.
+ The value of this parameter must be bigger than
+ offline_credentials_expiration.
+ </para>
+ <para>
+ Default: 0 (unlimited)
+ </para>
+ </listitem>
+ </varlistentry>
<varlistentry>
<term>id_provider (string)</term>