summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2015-03-29 20:30:44 +0200
committerJakub Hrozek <jhrozek@redhat.com>2015-04-09 08:35:26 +0200
commitda3fcbec493dd8d7f5af1d6c6be2a37440a1442e (patch)
tree75761893be16e6f153a35f002c018bbb6d52dba7
parent0528fdec17d0031996e919fcd852459e86592c35 (diff)
downloadsssd-da3fcbec493dd8d7f5af1d6c6be2a37440a1442e.tar.gz
sssd-da3fcbec493dd8d7f5af1d6c6be2a37440a1442e.tar.xz
sssd-da3fcbec493dd8d7f5af1d6c6be2a37440a1442e.zip
NSS: Reset negcache after checking domains
The NSS responder periodically re-checks subdomains. We need to reset the negative cache each time the check finishes to allow the negative cache to contain entries from different domains. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
-rw-r--r--src/responder/nss/nsssrv_cmd.c24
1 files changed, 24 insertions, 0 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 576532226..72da865d0 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -105,6 +105,18 @@ struct setent_ctx {
struct getent_ctx *getent_ctx;
};
+static int nss_reset_negcache(struct resp_ctx *rctx)
+{
+ struct nss_ctx *nss_ctx;
+
+ nss_ctx = talloc_get_type(rctx->pvt_ctx, struct nss_ctx);
+ if (nss_ctx == NULL) {
+ return EIO;
+ }
+
+ return sss_ncache_reset_repopulate_permanent(rctx, nss_ctx->ncache);
+}
+
/****************************************************************************
* PASSWD db related functions
***************************************************************************/
@@ -1450,6 +1462,12 @@ static void nss_cmd_getbynam_done(struct tevent_req *req)
goto done;
}
+ ret = nss_reset_negcache(cctx->rctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE, "Cannot reset negcache records\n");
+ /* Not fatal */
+ }
+
DEBUG(SSSDBG_TRACE_FUNC, "Requesting info for [%s] from [%s]\n",
cmdctx->name, domname?domname:"<ALL>");
@@ -1808,6 +1826,12 @@ static void nss_cmd_getbyid_done(struct tevent_req *req)
goto done;
}
+ ret = nss_reset_negcache(cmdctx->cctx->rctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE, "Cannot reset negcache records\n");
+ /* Not fatal */
+ }
+
/* ok, find it ! */
switch(dctx->cmdctx->cmd) {
case SSS_NSS_GETPWUID: