diff options
| author | Simo Sorce <ssorce@redhat.com> | 2009-11-18 19:09:26 -0500 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-11-20 11:18:50 -0500 |
| commit | 7c7de044bb08aa6b5c9f32c000c3b97a3c55ca31 (patch) | |
| tree | 9131e9a87fda825a2a4502e026f3eb5153af592a | |
| parent | c35c2e840a5f97ebe4c1dd5a5b82745c34217320 (diff) | |
| download | sssd-7c7de044bb08aa6b5c9f32c000c3b97a3c55ca31.tar.gz sssd-7c7de044bb08aa6b5c9f32c000c3b97a3c55ca31.tar.xz sssd-7c7de044bb08aa6b5c9f32c000c3b97a3c55ca31.zip | |
Better behavior on cleanup
With the previous code in domains with many users and enumeration enable we
would eventually end up making thousands of individual searches for entries in
the clean-up process.
Change the code to do a full enumeration before a cleanup so we do one single
big search to update all entries and only then search for entries to purge.
This also fixes the fact that the cleanup task was running at every enumeration
instead of running every "ldap_purge_cache_timeout" seconds.
| -rw-r--r-- | server/providers/ldap/ldap_common.h | 4 | ||||
| -rw-r--r-- | server/providers/ldap/ldap_id_cleanup.c | 6 | ||||
| -rw-r--r-- | server/providers/ldap/ldap_id_enum.c | 52 | ||||
| -rw-r--r-- | server/providers/ldap/sdap_async.c | 2 |
4 files changed, 44 insertions, 20 deletions
diff --git a/server/providers/ldap/ldap_common.h b/server/providers/ldap/ldap_common.h index 9cc30f847..96b332cf3 100644 --- a/server/providers/ldap/ldap_common.h +++ b/server/providers/ldap/ldap_common.h @@ -37,7 +37,9 @@ struct sdap_id_ctx { struct sdap_handle *gsh; /* enumeration loop timer */ - struct timeval last_run; + struct timeval last_enum; + /* cleanup loop timer */ + struct timeval last_purge; char *max_user_timestamp; char *max_group_timestamp; diff --git a/server/providers/ldap/ldap_id_cleanup.c b/server/providers/ldap/ldap_id_cleanup.c index 7267b3540..60d3b28ac 100644 --- a/server/providers/ldap/ldap_id_cleanup.c +++ b/server/providers/ldap/ldap_id_cleanup.c @@ -60,8 +60,6 @@ static void ldap_id_cleanup_timer(struct tevent_context *ev, return; } - ctx->last_run = tv; - req = ldap_id_cleanup_send(ctx, ev, ctx); if (!req) { DEBUG(1, ("Failed to schedule cleanup, retrying later!\n")); @@ -113,7 +111,7 @@ static void ldap_id_cleanup_reschedule(struct tevent_req *req) /* On error schedule starting from now, not the last run */ tv = tevent_timeval_current(); } else { - tv = ctx->last_run; + tv = ctx->last_purge; } talloc_zfree(req); @@ -177,6 +175,8 @@ struct tevent_req *ldap_id_cleanup_send(TALLOC_CTX *memctx, } tevent_req_set_callback(subreq, ldap_id_cleanup_users_done, req); + ctx->last_purge = tevent_timeval_current(); + return req; } diff --git a/server/providers/ldap/ldap_id_enum.c b/server/providers/ldap/ldap_id_enum.c index 10b8d96c4..916389fea 100644 --- a/server/providers/ldap/ldap_id_enum.c +++ b/server/providers/ldap/ldap_id_enum.c @@ -64,8 +64,6 @@ static void ldap_id_enumerate_timer(struct tevent_context *ev, return; } - ctx->last_run = tv; - req = ldap_id_enumerate_send(ev, ctx); if (!req) { DEBUG(1, ("Failed to schedule enumeration, retrying later!\n")); @@ -117,7 +115,7 @@ static void ldap_id_enumerate_reschedule(struct tevent_req *req) /* On error schedule starting from now, not the last run */ tv = tevent_timeval_current(); } else { - tv = ctx->last_run; + tv = ctx->last_enum; } talloc_zfree(req); @@ -149,15 +147,19 @@ int ldap_id_enumerate_set_timer(struct sdap_id_ctx *ctx, struct timeval tv) struct global_enum_state { struct tevent_context *ev; struct sdap_id_ctx *ctx; + + bool purge; }; static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, struct tevent_context *ev, - struct sdap_id_ctx *ctx); + struct sdap_id_ctx *ctx, + bool purge); static void ldap_id_enum_users_done(struct tevent_req *subreq); static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, struct tevent_context *ev, - struct sdap_id_ctx *ctx); + struct sdap_id_ctx *ctx, + bool purge); static void ldap_id_enum_groups_done(struct tevent_req *subreq); static void ldap_id_enum_cleanup_done(struct tevent_req *subreq); @@ -166,6 +168,7 @@ static struct tevent_req *ldap_id_enumerate_send(struct tevent_context *ev, { struct global_enum_state *state; struct tevent_req *req, *subreq; + int t; req = tevent_req_create(ctx, &state, struct global_enum_state); if (!req) return NULL; @@ -173,7 +176,16 @@ static struct tevent_req *ldap_id_enumerate_send(struct tevent_context *ev, state->ev = ev; state->ctx = ctx; - subreq = enum_users_send(state, ev, ctx); + ctx->last_enum = tevent_timeval_current(); + + t = dp_opt_get_int(ctx->opts->basic, SDAP_CACHE_PURGE_TIMEOUT); + if ((ctx->last_purge.tv_sec + t) < ctx->last_enum.tv_sec) { + state->purge = true; + } else { + state->purge = false; + } + + subreq = enum_users_send(state, ev, ctx, state->purge); if (!subreq) { talloc_zfree(req); return NULL; @@ -202,7 +214,7 @@ static void ldap_id_enum_users_done(struct tevent_req *subreq) } talloc_zfree(subreq); - subreq = enum_groups_send(state, state->ev, state->ctx); + subreq = enum_groups_send(state, state->ev, state->ctx, state->purge); if (!subreq) { goto fail; } @@ -241,12 +253,18 @@ static void ldap_id_enum_groups_done(struct tevent_req *subreq) } talloc_zfree(subreq); - subreq = ldap_id_cleanup_send(state, state->ev, state->ctx); - if (!subreq) { - goto fail; + if (state->purge) { + + subreq = ldap_id_cleanup_send(state, state->ev, state->ctx); + if (!subreq) { + goto fail; + } + tevent_req_set_callback(subreq, ldap_id_enum_cleanup_done, req); + + return; } - tevent_req_set_callback(subreq, ldap_id_enum_cleanup_done, req); + tevent_req_done(req); return; fail: @@ -281,7 +299,8 @@ static void enum_users_op_done(struct tevent_req *subreq); static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, struct tevent_context *ev, - struct sdap_id_ctx *ctx) + struct sdap_id_ctx *ctx, + bool purge) { struct tevent_req *req, *subreq; struct enum_users_state *state; @@ -293,7 +312,8 @@ static struct tevent_req *enum_users_send(TALLOC_CTX *memctx, state->ev = ev; state->ctx = ctx; - if (ctx->max_user_timestamp) { + if (ctx->max_user_timestamp && !purge) { + state->filter = talloc_asprintf(state, "(&(%s=*)(objectclass=%s)(%s>=%s)(!(%s=%s)))", ctx->opts->user_map[SDAP_AT_USER_NAME].name, @@ -429,7 +449,8 @@ static void enum_groups_op_done(struct tevent_req *subreq); static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, struct tevent_context *ev, - struct sdap_id_ctx *ctx) + struct sdap_id_ctx *ctx, + bool purge) { struct tevent_req *req, *subreq; struct enum_groups_state *state; @@ -444,7 +465,8 @@ static struct tevent_req *enum_groups_send(TALLOC_CTX *memctx, attr_name = ctx->opts->group_map[SDAP_AT_GROUP_NAME].name; - if (ctx->max_group_timestamp) { + if (ctx->max_group_timestamp && !purge) { + state->filter = talloc_asprintf(state, "(&(%s=*)(objectclass=%s)(%s>=%s)(!(%s=%s)))", ctx->opts->group_map[SDAP_AT_GROUP_NAME].name, diff --git a/server/providers/ldap/sdap_async.c b/server/providers/ldap/sdap_async.c index 99d829794..5a90339e3 100644 --- a/server/providers/ldap/sdap_async.c +++ b/server/providers/ldap/sdap_async.c @@ -769,7 +769,7 @@ struct tevent_req *sdap_get_generic_send(TALLOC_CTX *memctx, state->reply_count = 0; state->reply = NULL; - DEBUG(7, ("calling ldap_search_ext with [%s][%s].\n", state->filter, + DEBUG(6, ("calling ldap_search_ext with [%s][%s].\n", state->filter, state->search_base)); if (debug_level >= 7) { int i; |