diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-12-08 15:47:29 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-12-17 16:16:27 -0500 |
commit | 6c4661b78edafbd5b44e0c6319243e6671260bd0 (patch) | |
tree | 08ee9b3773deca99e6e3c07bb917abaf6413e510 /src | |
parent | 5dca77263340b272bfa51de0fe9729fa4a292306 (diff) | |
download | sssd-6c4661b78edafbd5b44e0c6319243e6671260bd0.tar.gz sssd-6c4661b78edafbd5b44e0c6319243e6671260bd0.tar.xz sssd-6c4661b78edafbd5b44e0c6319243e6671260bd0.zip |
Start first enumeration immediately
Previously, we would wait for ten seconds before starting an
enumeration. However, this meant that on the first startup (before
we had run our first enumeration) there was a ten-second window
where clients would immediately get back a response with no
entries instead of blocking until the enumeration completed.
With this patch, SSSD will now run an enumeration immediately upon
startup. Further startups will retain the ten-second delay so as
not to slow down system bootups.
https://fedorahosted.org/sssd/ticket/616
Diffstat (limited to 'src')
-rw-r--r-- | src/man/sssd.conf.5.xml | 5 | ||||
-rw-r--r-- | src/providers/ldap/ldap_common.c | 31 | ||||
-rw-r--r-- | src/providers/ldap/ldap_id_enum.c | 14 |
3 files changed, 47 insertions, 3 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 2bba38050..7392dd093 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -513,6 +513,11 @@ processing. </para> <para> + While the first enumeration is running, requests + for the complete user or group lists may return + no results until it completes. + </para> + <para> Further, enabling enumeration may increase the time necessary to detect network disconnection, as longer timeouts are required to ensure that diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 9945b4b13..a38d5cc20 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -415,12 +415,37 @@ int sdap_id_setup_tasks(struct sdap_id_ctx *ctx) struct timeval tv; int ret = EOK; int delay; + bool has_enumerated; /* set up enumeration task */ if (ctx->be->domain->enumerate) { - /* run the first one in a couple of seconds so that we have time to - * finish initializations first*/ - tv = tevent_timeval_current_ofs(10, 0); + /* If this is the first startup, we need to kick off + * an enumeration immediately, to close a window where + * clients requesting get*ent information won't get an + * immediate reply with no entries + */ + ret = sysdb_has_enumerated(ctx->be->sysdb, + ctx->be->domain, + &has_enumerated); + if (ret != EOK) { + return ret; + } + if (has_enumerated) { + /* At least one enumeration has previously run, + * so clients will get cached data. We will delay + * starting to enumerate by 10s so we don't slow + * down the startup process if this is happening + * during system boot. + */ + tv = tevent_timeval_current_ofs(10, 0); + } else { + /* This is our first startup. Schedule the + * enumeration to start immediately once we + * enter the mainloop. + */ + tv = tevent_timeval_current(); + } + ret = ldap_id_enumerate_set_timer(ctx, tv); } else { /* the enumeration task, runs the cleanup process by itself, diff --git a/src/providers/ldap/ldap_id_enum.c b/src/providers/ldap/ldap_id_enum.c index f2ac8c6a9..8695f3550 100644 --- a/src/providers/ldap/ldap_id_enum.c +++ b/src/providers/ldap/ldap_id_enum.c @@ -134,12 +134,26 @@ static void ldap_id_enumerate_reschedule(struct tevent_req *req) uint64_t err; struct timeval tv; int delay; + errno_t ret; if (tevent_req_is_error(req, &tstate, &err)) { /* On error schedule starting from now, not the last run */ tv = tevent_timeval_current(); } else { tv = ctx->last_enum; + + /* Ok, we've completed an enumeration. Save this to the + * sysdb so we can postpone starting up the enumeration + * process on the next SSSD service restart (to avoid + * slowing down system boot-up + */ + ret = sysdb_set_enumerated(ctx->be->sysdb, + ctx->be->domain, + true); + if (ret != EOK) { + DEBUG(1, ("Could not mark domain as having enumerated.\n")); + /* This error is non-fatal, so continue */ + } } talloc_zfree(req); |