summaryrefslogtreecommitdiff
path: root/src/responder
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2013-09-18 15:49:46 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-09-25 11:21:34 +0200
commitd82e648c8e5e86be94b069551998001d4cb3bdab (patch)
treecc96f702dc17259e3b93ded6a3328ed5d4e4a775 /src/responder
parent0929629fd69df6e83f9986707b2a6462e0e273d0 (diff)
downloadsssd-d82e648c8e5e86be94b069551998001d4cb3bdab.tar.gz
sssd-d82e648c8e5e86be94b069551998001d4cb3bdab.tar.bz2
sssd-d82e648c8e5e86be94b069551998001d4cb3bdab.zip
NSS: Failure to store entry negative cache should not be fatal
The only effect the failure to store a result to negative cache might have would be a slower lookup next time.
Diffstat (limited to 'src/responder')
-rw-r--r--src/responder/nss/nsssrv_cmd.c49
1 files changed, 31 insertions, 18 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index a62bfd8c..7220e3a3 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -773,7 +773,8 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
/* set negative cache only if not result of cache check */
ret = sss_ncache_set_user(nctx->ncache, false, dom, name);
if (ret != EOK) {
- return ret;
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Cannot set negcache for %s@%s\n",
+ name, dom->name));
}
/* if a multidomain search, try with next */
@@ -1221,6 +1222,7 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx)
struct sysdb_ctx *sysdb;
struct nss_ctx *nctx;
int ret;
+ int err;
nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx);
@@ -1311,9 +1313,10 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx)
done:
if (ret == ENOENT) {
/* The entry was not found, need to set result in negative cache */
- ret = sss_ncache_set_uid(nctx->ncache, false, cmdctx->id);
- if (ret != EOK) {
- return ret;
+ err = sss_ncache_set_uid(nctx->ncache, false, cmdctx->id);
+ if (err != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set negative cache for UID %d\n", cmdctx->id));
}
}
@@ -2594,7 +2597,8 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx)
/* set negative cache only if not result of cache check */
ret = sss_ncache_set_group(nctx->ncache, false, dom, name);
if (ret != EOK) {
- return ret;
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Cannot set negcache for %s@%s\n",
+ name, dom->name));
}
/* if a multidomain search, try with next */
@@ -2664,6 +2668,7 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx)
struct sysdb_ctx *sysdb;
struct nss_ctx *nctx;
int ret;
+ int err;
nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx);
@@ -2755,9 +2760,10 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx)
done:
if (ret == ENOENT) {
/* The entry was not found, need to set result in negative cache */
- ret = sss_ncache_set_gid(nctx->ncache, false, cmdctx->id);
- if (ret != EOK) {
- return ret;
+ err = sss_ncache_set_gid(nctx->ncache, false, cmdctx->id);
+ if (err != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set negative cache for GID %d\n", cmdctx->id));
}
}
@@ -3584,7 +3590,8 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
/* set negative cache only if not result of cache check */
ret = sss_ncache_set_user(nctx->ncache, false, dom, name);
if (ret != EOK) {
- return ret;
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Cannot set negcache for %s@%s\n",
+ name, dom->name));
}
/* if a multidomain search, try with next */
@@ -3636,6 +3643,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
struct sysdb_ctx *sysdb;
struct nss_ctx *nctx;
int ret;
+ int err;
const char *attrs[] = {SYSDB_NAME, SYSDB_OBJECTCLASS, SYSDB_SID_STR, NULL};
bool user_found = false;
bool group_found = false;
@@ -3825,12 +3833,14 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
if (cmdctx->cmd == SSS_NSS_GETSIDBYNAME) {
ret = sss_ncache_set_user(nctx->ncache, false, dom, name);
if (ret != EOK) {
- return ret;
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set negcache for %s@%s\n", name, dom->name));
}
ret = sss_ncache_set_group(nctx->ncache, false, dom, name);
if (ret != EOK) {
- return ret;
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set negcache for %s@%s\n", name, dom->name));
}
}
/* if a multidomain search, try with next */
@@ -3896,14 +3906,16 @@ done:
if (cmdctx->cmd == SSS_NSS_GETSIDBYID) {
DEBUG(SSSDBG_MINOR_FAILURE,
("No matching domain found for [%d], fail!\n", cmdctx->id));
- ret = sss_ncache_set_uid(nctx->ncache, false, cmdctx->id);
- if (ret != EOK) {
- return ret;
+ err = sss_ncache_set_uid(nctx->ncache, false, cmdctx->id);
+ if (err != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set negative cache for UID %d\n", cmdctx->id));
}
- ret = sss_ncache_set_gid(nctx->ncache, false, cmdctx->id);
- if (ret != EOK) {
- return ret;
+ err = sss_ncache_set_gid(nctx->ncache, false, cmdctx->id);
+ if (err != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set negative cache for GID %d\n", cmdctx->id));
}
} else {
DEBUG(SSSDBG_MINOR_FAILURE,
@@ -3953,7 +3965,8 @@ static errno_t nss_cmd_getbysid_search(struct nss_dom_ctx *dctx)
/* set negative cache only if not result of cache check */
ret = sss_ncache_set_sid(nctx->ncache, false, cmdctx->secid);
if (ret != EOK) {
- return ret;
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set negative cache for %s\n", cmdctx->secid));
}
return ENOENT;