diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-05-16 14:32:29 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-05-16 16:06:58 -0400 |
commit | be174855d948ca8eeebe63be50e20b9daad58019 (patch) | |
tree | f8d840b7e7c8b48c99932d960566cba863e5e138 /src/responder | |
parent | d217f6b1176f653619439820cd9c4d3cb7f95c29 (diff) | |
download | sssd-be174855d948ca8eeebe63be50e20b9daad58019.tar.gz sssd-be174855d948ca8eeebe63be50e20b9daad58019.tar.bz2 sssd-be174855d948ca8eeebe63be50e20b9daad58019.zip |
NSS: Expire in-memory netgroup cache before the nowait timeout
The fact that we were keeping it in memory for the full duration
of the cache timeout meant that we would never reap the benefits
of the midpoint cache refresh.
https://fedorahosted.org/sssd/ticket/1340
Diffstat (limited to 'src/responder')
-rw-r--r-- | src/responder/nss/nsssrv_netgroup.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c index 83e79a2f..593b7e43 100644 --- a/src/responder/nss/nsssrv_netgroup.c +++ b/src/responder/nss/nsssrv_netgroup.c @@ -416,6 +416,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) struct getent_ctx *netgr; struct sysdb_ctx *sysdb; char *name = NULL; + uint32_t lifetime; /* Check each domain for this netgroup name */ while (dom) { @@ -531,7 +532,14 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) name, dom->name)); netgr->ready = true; netgr->found = true; - set_netgr_lifetime(dom->netgroup_timeout, step_ctx, netgr); + if (step_ctx->nctx->cache_refresh_percent) { + lifetime = dom->netgroup_timeout * + (step_ctx->nctx->cache_refresh_percent / 100); + } else { + lifetime = dom->netgroup_timeout; + } + if (lifetime < 10) lifetime = 10; + set_netgr_lifetime(lifetime, step_ctx, netgr); return EOK; } |