5 files changed, 32 insertions, 2 deletions

diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ce3c97f22..11a925212 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -171,6 +171,7 @@
 #define CONFDB_DOMAIN_SUDO_CACHE_TIMEOUT "entry_cache_sudo_timeout"
 #define CONFDB_DOMAIN_PWD_EXPIRATION_WARNING "pwd_expiration_warning"
 #define CONFDB_DOMAIN_REFRESH_EXPIRED_INTERVAL "refresh_expired_interval"
+#define CONFDB_DOMAIN_OFFLINE_TIMEOUT "offline_timeout"
 
 /* Local Provider */
 #define CONFDB_LOCAL_DEFAULT_SHELL   "default_shell"
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index b6c1d74aa..7cfbddc27 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -488,6 +488,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
             'max_id',
             'timeout',
             'force_timeout',
+            'offline_timeout',
             'try_inotify',
             'command',
             'enumerate',
@@ -844,6 +845,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
             'max_id',
             'timeout',
             'force_timeout',
+            'offline_timeout',
             'try_inotify',
             'command',
             'enumerate',
diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf
index ed65d2d78..14e80639e 100644
--- a/src/config/etc/sssd.api.conf
+++ b/src/config/etc/sssd.api.conf
@@ -96,6 +96,7 @@ try_inotify = bool, None, false
 enumerate = bool, None, false
 subdomain_enumerate = str, None, false
 force_timeout = int, None, false
+offline_timeout = int, None, false
 cache_credentials = bool, None, false
 store_legacy_passwords = bool, None, false
 use_fully_qualified_names = bool, None, false
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 43c06955d..8166f3027 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -378,6 +378,21 @@
                         </para>
                     </listitem>
                 </varlistentry>
+                <varlistentry>
+                    <term>offline_timeout (integer)</term>
+                    <listitem>
+                        <para>
+                            If SSSD is in offline mode, and last attempt to go
+                            online was less than number of seconds specified
+                            in this option ago, new requests for data will not
+                            result in attempt to go online.
+                        </para>
+                        <para>
+                            Default: 60
+                        </para>
+                    </listitem>
+                </varlistentry>
+
             </variablelist>
         </refsect2>
 
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
index 5aef2308a..db73d81a6 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -479,10 +479,21 @@ done:
 bool be_is_offline(struct be_ctx *ctx)
 {
     time_t now = time(NULL);
+    int offline_timeout;
+    int ret;
 
     /* check if we are past the offline blackout timeout */
-    /* FIXME: get offline_timeout from configuration */
-    if (ctx->offstat.went_offline + 60 < now) {
+    ret = confdb_get_int(ctx->cdb, ctx->conf_path,
+                         CONFDB_DOMAIN_OFFLINE_TIMEOUT, 60,
+                         &offline_timeout);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_MINOR_FAILURE,
+              ("Failed to get offline_timeout from confdb. "
+               "Using default value (60 seconds)\n"));
+        offline_timeout = 60;
+    }
+
+    if (ctx->offstat.went_offline + offline_timeout < now) {
         ctx->offstat.offline = false;
     }