diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-06-18 11:23:04 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-06-18 14:37:59 -0400 |
commit | bb79e7559dae451a14150377099e32d6b5159a6c (patch) | |
tree | 0410bbb6f6c50e1388c8a6e18e3812b36086d4e2 /src | |
parent | dd94e9c9c586fb2c2a0e7175251c08c2762598b0 (diff) | |
download | sssd-bb79e7559dae451a14150377099e32d6b5159a6c.tar.gz sssd-bb79e7559dae451a14150377099e32d6b5159a6c.tar.bz2 sssd-bb79e7559dae451a14150377099e32d6b5159a6c.zip |
Make the client idle timeout configurable
Diffstat (limited to 'src')
-rw-r--r-- | src/confdb/confdb.h | 2 | ||||
-rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
-rwxr-xr-x | src/config/SSSDConfigTest.py | 3 | ||||
-rw-r--r-- | src/config/etc/sssd.api.conf | 1 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 15 | ||||
-rw-r--r-- | src/responder/common/responder.h | 1 | ||||
-rw-r--r-- | src/responder/common/responder_common.c | 22 |
7 files changed, 40 insertions, 5 deletions
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index db247b18..3fa8b037 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -72,6 +72,8 @@ /* Responders */ #define CONFDB_RESPONDER_GET_DOMAINS_TIMEOUT "get_domains_timeout" +#define CONFDB_RESPONDER_CLI_IDLE_TIMEOUT "client_idle_timeout" +#define CONFDB_RESPONDER_CLI_IDLE_DEFAULT_TIMEOUT 60 /* NSS */ #define CONFDB_NSS_CONF_ENTRY "config/nss" diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index d7895b49..b90f505d 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -45,6 +45,7 @@ option_strings = { 'command' : _('Command to start service'), 'reconnection_retries' : _('Number of times to attempt connection to Data Providers'), 'fd_limit' : _('The number of file descriptors that may be opened by this responder'), + 'client_idle_timeout' : _('Idle time before automatic disconnection of a client'), # [sssd] 'services' : _('SSSD Services to start'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 1e1fe98e..ef696e98 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -274,7 +274,8 @@ class SSSDConfigTestSSSDService(unittest.TestCase): 'debug_to_files', 'command', 'reconnection_retries', - 'fd_limit'] + 'fd_limit', + 'client_idle_timeout'] self.assertTrue(type(options) == dict, "Options should be a dictionary") diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index e09a8bf0..c3d6fa81 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -10,6 +10,7 @@ debug_to_files = bool, None, false command = str, None, false reconnection_retries = int, None, false fd_limit = int, None, false +client_idle_timeout = int, None, false [sssd] # Monitor service diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 1dae3ccb..bdf2543b 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -303,6 +303,21 @@ </para> </listitem> </varlistentry> + <varlistentry> + <term>client_idle_timeout</term> + <listitem> + <para> + This option specifies the number of seconds that + a client of an SSSD process can hold onto a file + descriptor without communicating on it. This value + is limited in order to avoid resource exhasution + on the system. + </para> + <para> + Default: 60 + </para> + </listitem> + </varlistentry> </variablelist> </refsect2> diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index 67884ed7..43a4fa02 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -87,6 +87,7 @@ struct resp_ctx { struct sss_domain_info *domains; int domains_timeout; + int client_idle_timeout; struct sysdb_ctx_list *db_list; struct sss_cmd_table *sss_cmds; diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 3c269725..242fae99 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -352,10 +352,8 @@ static void accept_fd_handler(struct tevent_context *ev, static errno_t reset_idle_timer(struct cli_ctx *cctx) { - struct timeval tv; - - /* TODO: make this configurable */ - tv = tevent_timeval_current_ofs(60, 0); + struct timeval tv = + tevent_timeval_current_ofs(cctx->rctx->client_idle_timeout, 0); talloc_zfree(cctx->idle); @@ -620,6 +618,22 @@ int sss_process_init(TALLOC_CTX *mem_ctx, rctx->confdb_service_path = confdb_service_path; ret = confdb_get_int(rctx->cdb, rctx->confdb_service_path, + CONFDB_RESPONDER_CLI_IDLE_TIMEOUT, + CONFDB_RESPONDER_CLI_IDLE_DEFAULT_TIMEOUT, + &rctx->client_idle_timeout); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + ("Cannot get the client idle timeout [%d]: %s\n", + ret, strerror(ret))); + return ret; + } + + /* Ensure that the client timeout is at least ten seconds */ + if (rctx->client_idle_timeout < 10) { + rctx->client_idle_timeout = 10; + } + + ret = confdb_get_int(rctx->cdb, rctx->confdb_service_path, CONFDB_RESPONDER_GET_DOMAINS_TIMEOUT, GET_DOMAINS_DEFAULT_TIMEOUT, &rctx->domains_timeout); if (ret != EOK) { |