sss_cache tool invalidates records in memory cache.

author: Michal Zidek <mzidek@redhat.com> 2012-09-11 18:44:52 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2012-09-24 13:09:53 +0200
commit: 99c99e557020775714f028b28a147edda290c783 (patch)
tree: 7364f53b4c921aacf7f81da4864f27d3c9d25c62 /src/responder
parent: 7c2e91ac48b20e6699d5c98c9912ea6427453c95 (diff)
download: sssd-99c99e557020775714f028b28a147edda290c783.tar.gz
sssd-99c99e557020775714f028b28a147edda290c783.tar.xz
sssd-99c99e557020775714f028b28a147edda290c783.zip
3 files changed, 126 insertions, 2 deletions
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index 64267e868..5fa72494e 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -51,10 +51,14 @@
 #define SHELL_REALLOC_INCREMENT 5
 #define SHELL_REALLOC_MAX       50
 
+static int nss_clear_memcache(DBusMessage *message,
+                              struct sbus_connection *conn);
+
 struct sbus_method monitor_nss_methods[] = {
     { MON_CLI_METHOD_PING, monitor_common_pong },
     { MON_CLI_METHOD_RES_INIT, monitor_common_res_init },
     { MON_CLI_METHOD_ROTATE, responder_logrotate },
+    { MON_CLI_METHOD_CLEAR_MEMCACHE, nss_clear_memcache},
     { NULL, NULL }
 };
 
@@ -66,6 +70,65 @@ struct sbus_interface monitor_nss_interface = {
     NULL
 };
 
+static int nss_clear_memcache(DBusMessage *message,
+                              struct sbus_connection *conn)
+{
+    errno_t ret;
+    int memcache_timeout;
+    struct resp_ctx *rctx = talloc_get_type(sbus_conn_get_private_data(conn),
+                                            struct resp_ctx);
+    struct nss_ctx *nctx = (struct nss_ctx*) rctx->pvt_ctx;
+
+    ret = unlink(SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG);
+    if (ret != 0) {
+        ret = errno;
+        if (ret == ENOENT) {
+            DEBUG(SSSDBG_TRACE_FUNC,
+                  ("CLEAR_MC_FLAG not found. Nothing to do.\n"));
+            goto done;
+        } else {
+            DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to unlink file: %s.\n",
+                  strerror(ret)));
+            return ret;
+        }
+    }
+
+    /* CLEAR_MC_FLAG removed successfully. Clearing memory caches. */
+
+    ret = confdb_get_int(rctx->cdb,
+                         CONFDB_NSS_CONF_ENTRY,
+                         CONFDB_MEMCACHE_TIMEOUT,
+                         300, &memcache_timeout);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_FATAL_FAILURE,
+              ("Unable to get memory cache entry timeout.\n"));
+        return ret;
+    }
+
+    /* TODO: read cache sizes from configuration */
+    DEBUG(SSSDBG_TRACE_FUNC, ("Clearing memory caches.\n"));
+    ret = sss_mmap_cache_reinit(nctx, SSS_MC_CACHE_ELEMENTS,
+                                (time_t) memcache_timeout,
+                                &nctx->pwd_mc_ctx);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_CRIT_FAILURE,
+              ("passwd mmap cache invalidation failed\n"));
+        return ret;
+    }
+
+    ret = sss_mmap_cache_reinit(nctx, SSS_MC_CACHE_ELEMENTS,
+                                (time_t) memcache_timeout,
+                                &nctx->grp_mc_ctx);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_CRIT_FAILURE,
+              ("group mmap cache invalidation failed\n"));
+        return ret;
+    }
+
+done:
+    return monitor_common_pong(message, conn);
+}
+
 static errno_t nss_get_etc_shells(TALLOC_CTX *mem_ctx, char ***_shells)
 {
     int i = 0;
@@ -328,6 +391,16 @@ int nss_process_init(TALLOC_CTX *mem_ctx,
     }
 
     /* create mmap caches */
+    /* Remove the CLEAR_MC_FLAG file if exists. */
+    ret = unlink(SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG);
+    if (ret != 0 && errno != ENOENT) {
+        ret = errno;
+        DEBUG(SSSDBG_CRIT_FAILURE,
+              ("Failed to unlink file [%s]. This can cause memory cache to "
+               "be purged when next log rotation is requested. %d: %s\n",
+               SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG, ret, strerror(ret)));
+    }
+
     ret = confdb_get_int(nctx->rctx->cdb,
                          CONFDB_NSS_CONF_ENTRY,
                          CONFDB_MEMCACHE_TIMEOUT,
@@ -339,14 +412,14 @@ int nss_process_init(TALLOC_CTX *mem_ctx,
 
     /* TODO: read cache sizes from configuration */
     ret = sss_mmap_cache_init(nctx, "passwd", SSS_MC_PASSWD,
-                              50000, (time_t)memcache_timeout,
+                              SSS_MC_CACHE_ELEMENTS, (time_t)memcache_timeout,
                               &nctx->pwd_mc_ctx);
     if (ret) {
         DEBUG(SSSDBG_CRIT_FAILURE, ("passwd mmap cache is DISABLED\n"));
     }
 
     ret = sss_mmap_cache_init(nctx, "group", SSS_MC_GROUP,
-                              50000, (time_t)memcache_timeout,
+                              SSS_MC_CACHE_ELEMENTS, (time_t)memcache_timeout,
                               &nctx->grp_mc_ctx);
     if (ret) {
         DEBUG(SSSDBG_CRIT_FAILURE, ("group mmap cache is DISABLED\n"));
diff --git a/src/responder/nss/nsssrv_mmap_cache.c b/src/responder/nss/nsssrv_mmap_cache.c
index 07498a9b7..f40256472 100644
--- a/src/responder/nss/nsssrv_mmap_cache.c
+++ b/src/responder/nss/nsssrv_mmap_cache.c
@@ -725,3 +725,49 @@ done:
     return ret;
 }
 
+errno_t sss_mmap_cache_reinit(TALLOC_CTX *mem_ctx, size_t n_elem,
+                              time_t timeout, struct sss_mc_ctx **mc_ctx)
+{
+    errno_t ret;
+    TALLOC_CTX* tmp_ctx = NULL;
+    char *name;
+    enum sss_mc_type type;
+
+    if (mc_ctx == NULL || (*mc_ctx) == NULL) {
+        DEBUG(SSSDBG_CRIT_FAILURE,
+              ("Unable to re-init unitialized memory cache.\n"));
+        return EINVAL;
+    }
+
+    tmp_ctx = talloc_new(NULL);
+    if (tmp_ctx == NULL) {
+        DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory.\n"));
+        return ENOMEM;
+    }
+
+    name = talloc_strdup(tmp_ctx, (*mc_ctx)->name);
+    if (name == NULL) {
+        DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory.\n"));
+        ret = ENOMEM;
+        goto done;
+    }
+
+    type = (*mc_ctx)->type;
+    ret = talloc_free(*mc_ctx);
+    if (ret != 0) {
+        /* This can happen only if destructor is associated with this
+         * context */
+        DEBUG(SSSDBG_MINOR_FAILURE, ("Destructor asociated with memory"
+                                    " context failed.\n"));
+    }
+
+    ret = sss_mmap_cache_init(mem_ctx, name, type, n_elem, timeout, mc_ctx);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to re-initialize mmap cache.\n"));
+        goto done;
+    }
+
+done:
+    talloc_free(tmp_ctx);
+    return ret;
+}
diff --git a/src/responder/nss/nsssrv_mmap_cache.h b/src/responder/nss/nsssrv_mmap_cache.h
index 81241b24d..2a0712c88 100644
--- a/src/responder/nss/nsssrv_mmap_cache.h
+++ b/src/responder/nss/nsssrv_mmap_cache.h
@@ -22,6 +22,8 @@
 #ifndef _NSSSRV_MMAP_CACHE_H_
 #define _NSSSRV_MMAP_CACHE_H_
 
+#define SSS_MC_CACHE_ELEMENTS 50000
+
 struct sss_mc_ctx;
 
 enum sss_mc_type {
@@ -48,4 +50,7 @@ errno_t sss_mmap_cache_gr_store(struct sss_mc_ctx *mcc,
                                 gid_t gid, size_t memnum,
                                 char *membuf, size_t memsize);
 
+errno_t sss_mmap_cache_reinit(TALLOC_CTX *mem_ctx, size_t n_elem,
+                              time_t timeout, struct sss_mc_ctx **mc_ctx);
+
 #endif /* _NSSSRV_MMAP_CACHE_H_ */
author	Michal Zidek <mzidek@redhat.com>	2012-09-11 18:44:52 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2012-09-24 13:09:53 +0200
commit	99c99e557020775714f028b28a147edda290c783 (patch)
tree	7364f53b4c921aacf7f81da4864f27d3c9d25c62 /src/responder
parent	7c2e91ac48b20e6699d5c98c9912ea6427453c95 (diff)
download	sssd-99c99e557020775714f028b28a147edda290c783.tar.gz sssd-99c99e557020775714f028b28a147edda290c783.tar.xz sssd-99c99e557020775714f028b28a147edda290c783.zip