sudo ldap provider: add expiration time to each rule

author: Pavel Březina <pbrezina@redhat.com> 2012-04-23 15:07:17 +0200
committer: Stephen Gallagher <sgallagh@redhat.com> 2012-06-29 11:37:16 -0400
commit: 80357fbba7e8251c85aa884749f275eed28eb4eb (patch)
tree: bc65ffa47310a477d42f15cdd43730aabcd1a072 /src/providers/ldap/sdap_sudo_cache.c
parent: 4cab4191f9e0d8d2cc04084964c71454a62852fe (diff)
download: sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.tar.gz
sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.tar.bz2
sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.zip
1 files changed, 16 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap_sudo_cache.c b/src/providers/ldap/sdap_sudo_cache.c
index c58fa1c3..39b028d6 100644
--- a/src/providers/ldap/sdap_sudo_cache.c
+++ b/src/providers/ldap/sdap_sudo_cache.c
@@ -26,7 +26,9 @@
 static errno_t
 sdap_save_native_sudorule(struct sysdb_ctx *sysdb_ctx,
                           struct sdap_attr_map *map,
-                          struct sysdb_attrs *attrs)
+                          struct sysdb_attrs *attrs,
+                          int cache_timeout,
+                          time_t now)
 {
     errno_t ret;
     const char *rule_name;
@@ -39,6 +41,14 @@ sdap_save_native_sudorule(struct sysdb_ctx *sysdb_ctx,
         return ret;
     }
 
+    ret = sysdb_attrs_add_time_t(attrs, SYSDB_CACHE_EXPIRE,
+                                 (cache_timeout ? (now + cache_timeout) : 0));
+    if (ret) {
+        DEBUG(SSSDBG_OP_FAILURE, ("Could not set sysdb cache expire [%d]: %s\n",
+              ret, strerror(ret)));
+        return ret;
+    }
+
     ret = sysdb_save_sudorule(sysdb_ctx, rule_name, attrs);
     if (ret != EOK) {
         DEBUG(SSSDBG_OP_FAILURE, ("Could not save sudorule %s\n", rule_name));
@@ -52,7 +62,9 @@ errno_t
 sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx,
                                struct sdap_attr_map *map,
                                struct sysdb_attrs **replies,
-                               size_t replies_count)
+                               size_t replies_count,
+                               int cache_timeout,
+                               time_t now)
 {
     errno_t ret, tret;
     bool in_transaction = false;
@@ -66,7 +78,8 @@ sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx,
     in_transaction = true;
 
     for (i=0; i<replies_count; i++) {
-        ret = sdap_save_native_sudorule(sysdb_ctx, map, replies[i]);
+        ret = sdap_save_native_sudorule(sysdb_ctx, map, replies[i],
+                                        cache_timeout, now);
         if (ret != EOK) {
             goto fail;
         }
author	Pavel Březina <pbrezina@redhat.com>	2012-04-23 15:07:17 +0200
committer	Stephen Gallagher <sgallagh@redhat.com>	2012-06-29 11:37:16 -0400
commit	80357fbba7e8251c85aa884749f275eed28eb4eb (patch)
tree	bc65ffa47310a477d42f15cdd43730aabcd1a072 /src/providers/ldap/sdap_sudo_cache.c
parent	4cab4191f9e0d8d2cc04084964c71454a62852fe (diff)
download	sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.tar.gz sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.tar.bz2 sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.zip