summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/monitor/monitor.c1
-rw-r--r--src/responder/nss/nsssrv.c21
-rw-r--r--src/responder/nss/nsssrv_netgroup.c30
-rw-r--r--src/responder/nss/nsssrv_netgroup.h3
4 files changed, 55 insertions, 0 deletions
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
index 8882e4db..67811ac1 100644
--- a/src/monitor/monitor.c
+++ b/src/monitor/monitor.c
@@ -1347,6 +1347,7 @@ static void monitor_hup(struct tevent_context *ev,
service_signal_rotate(cur_svc);
if (!strcmp(NSS_SBUS_SERVICE_NAME, cur_svc->name)) {
service_signal_clear_memcache(cur_svc);
+ service_signal_clear_enum_cache(cur_svc);
}
if (!strcmp(SSS_AUTOFS_SBUS_SERVICE_NAME, cur_svc->name)) {
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index 7bc49e3e..253756d1 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -56,12 +56,15 @@
static int nss_clear_memcache(DBusMessage *message,
struct sbus_connection *conn);
+static int nss_clear_netgroup_hash_table(DBusMessage *message,
+ struct sbus_connection *conn);
struct sbus_method monitor_nss_methods[] = {
{ MON_CLI_METHOD_PING, monitor_common_pong },
{ MON_CLI_METHOD_RES_INIT, monitor_common_res_init },
{ MON_CLI_METHOD_ROTATE, responder_logrotate },
{ MON_CLI_METHOD_CLEAR_MEMCACHE, nss_clear_memcache},
+ { MON_CLI_METHOD_CLEAR_ENUM_CACHE, nss_clear_netgroup_hash_table},
{ NULL, NULL }
};
@@ -132,6 +135,24 @@ done:
return monitor_common_pong(message, conn);
}
+static int nss_clear_netgroup_hash_table(DBusMessage *message,
+ struct sbus_connection *conn)
+{
+ errno_t ret;
+ struct resp_ctx *rctx = talloc_get_type(sbus_conn_get_private_data(conn),
+ struct resp_ctx);
+ struct nss_ctx *nctx = (struct nss_ctx*) rctx->pvt_ctx;
+
+ ret = nss_orphan_netgroups(nctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ ("Could not invalidate netgroups\n"));
+ return ret;
+ }
+
+ return monitor_common_pong(message, conn);
+}
+
static errno_t nss_get_etc_shells(TALLOC_CTX *mem_ctx, char ***_shells)
{
int i = 0;
diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c
index e1d3a052..a1c41968 100644
--- a/src/responder/nss/nsssrv_netgroup.c
+++ b/src/responder/nss/nsssrv_netgroup.c
@@ -1031,3 +1031,33 @@ netgroup_hash_delete_cb(hash_entry_t *item,
* table */
netgr->lookup_table = NULL;
}
+
+errno_t nss_orphan_netgroups(struct nss_ctx *nctx)
+{
+ int hret;
+ unsigned long mcount;
+ unsigned long i;
+ hash_key_t *netgroups;
+
+ if (!nctx || !nctx->netgroups) {
+ return EINVAL;
+ }
+
+ hret = hash_keys(nctx->netgroups, &mcount, &netgroups);
+ if (hret != HASH_SUCCESS) {
+ return EIO;
+ }
+
+ DEBUG(SSSDBG_TRACE_FUNC, ("Removing netgroups from memory cache.\n"));
+
+ for (i = 0; i < mcount; i++) {
+ /* netgroup entry will be deleted by setnetgrent_result_timeout */
+ hret = hash_delete(nctx->netgroups, &netgroups[i]);
+ if (hret != HASH_SUCCESS) {
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Could not delete key from hash\n"));
+ continue;
+ }
+ }
+
+ return EOK;
+}
diff --git a/src/responder/nss/nsssrv_netgroup.h b/src/responder/nss/nsssrv_netgroup.h
index a909abed..ddeb35df 100644
--- a/src/responder/nss/nsssrv_netgroup.h
+++ b/src/responder/nss/nsssrv_netgroup.h
@@ -33,4 +33,7 @@ int nss_cmd_endnetgrent(struct cli_ctx *cctx);
void netgroup_hash_delete_cb(hash_entry_t *item,
hash_destroy_enum deltype, void *pvt);
+
+errno_t nss_orphan_netgroups(struct nss_ctx *nctx);
+
#endif /* NSSRV_NETGROUP_H_ */