diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2010-02-16 14:11:00 +0100 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-02-23 16:16:25 -0500 |
| commit | af81aaa57f82eab78647113c391bd84247f96150 (patch) | |
| tree | b68313b8e8a5f71c76fda78e5750cf86f794c72d /src/man | |
| parent | f8c6a449412c6d5aa86609584fe4e530fd51a4b1 (diff) | |
| download | sssd-af81aaa57f82eab78647113c391bd84247f96150.tar.gz sssd-af81aaa57f82eab78647113c391bd84247f96150.tar.bz2 sssd-af81aaa57f82eab78647113c391bd84247f96150.zip | |
Better cleanup task handling
Implements a different mechanism for cleanup task. Instead of just
deleting expired entries, this patch adds a new option
account_cache_expiration for domains. If an entry is expired and the last
login was more days in the past that account_cache_expiration, the entry is
deleted.
Groups are deleted if they are expired and and no user references them
(no user has memberof: attribute pointing at that group).
The parameter account_cache_expiration is not LDAP-specific, so that other
future backends might use the same timeout setting.
Fixes: #391
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/sssd.conf.5.xml | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 665fa79e..171d261b 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -460,6 +460,21 @@ </para> </listitem> </varlistentry> + <varlistentry> + <term>account_cache_expiration (integer)</term> + <listitem> + <para> + Number of days entries are left in cache after + last successful login before being removed during + a cleanup of the cache. 0 means keep forever. + The value of this parameter must be bigger than + offline_credentials_expiration. + </para> + <para> + Default: 0 (unlimited) + </para> + </listitem> + </varlistentry> <varlistentry> <term>id_provider (string)</term> |