diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/responder/nss/nsssrv_mmap_cache.c | 26 | ||||
-rw-r--r-- | src/tools/sss_cache.c | 76 | ||||
-rw-r--r-- | src/tools/tools_util.c | 94 | ||||
-rw-r--r-- | src/tools/tools_util.h | 2 |
4 files changed, 175 insertions, 23 deletions
diff --git a/src/responder/nss/nsssrv_mmap_cache.c b/src/responder/nss/nsssrv_mmap_cache.c index f40256472..524aa47c3 100644 --- a/src/responder/nss/nsssrv_mmap_cache.c +++ b/src/responder/nss/nsssrv_mmap_cache.c @@ -537,14 +537,21 @@ static errno_t sss_mc_create_file(struct sss_mc_ctx *mc_ctx) mode_t old_mask; int ofd; int ret; + useconds_t t = 50000; + int retries = 3; ofd = open(mc_ctx->file, O_RDWR); if (ofd != -1) { + ret = sss_br_lock_file(ofd, 0, 1, retries, t); + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, + ("Failed to lock file %s.\n", mc_ctx->file)); + } ret = sss_mc_set_recycled(ofd); if (ret) { - DEBUG(SSSDBG_TRACE_FUNC, ("Failed to mark mmap file %s as" - " recycled: %d(%s)\n", - mc_ctx->file, ret, strerror(ret))); + DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to mark mmap file %s as" + " recycled: %d(%s)\n", + mc_ctx->file, ret, strerror(ret))); } close(ofd); @@ -568,11 +575,24 @@ static errno_t sss_mc_create_file(struct sss_mc_ctx *mc_ctx) ret = errno; DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to open mmap file %s: %d(%s)\n", mc_ctx->file, ret, strerror(ret))); + goto done; + } + + ret = sss_br_lock_file(mc_ctx->fd, 0, 1, retries, t); + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, + ("Failed to lock file %s.\n", mc_ctx->file)); + goto done; } +done: /* reset mask back */ umask(old_mask); + if (ret) { + close(mc_ctx->fd); + } + return ret; } diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c index 8582fb5f4..267b8ac45 100644 --- a/src/tools/sss_cache.c +++ b/src/tools/sss_cache.c @@ -92,6 +92,7 @@ errno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, bool invalidate_entries(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, enum sss_cache_entry entry_type, const char *filter, const char *name); +static int clear_fastcache(bool *sssd_nss_is_off); int main(int argc, const char *argv[]) { @@ -99,6 +100,7 @@ int main(int argc, const char *argv[]) struct cache_tool_ctx *tctx = NULL; struct sysdb_ctx *sysdb; int i; + bool sssd_nss_is_off; bool skipped = true; FILE *clear_mc_flag; @@ -143,29 +145,36 @@ int main(int argc, const char *argv[]) ret = ENOENT; goto done; } else { - /*Local cache changed -> signal monitor to invalidate fastcache */ - clear_mc_flag = fopen(SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG, "w"); - if (clear_mc_flag == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, - ("Failed to create clear_mc_flag file. " - "Memory cache will not be cleared.\n")); + ret = clear_fastcache(&sssd_nss_is_off); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to clear caches.\n")); goto done; } - ret = fclose(clear_mc_flag); - if (ret != 0) { - ret = errno; - DEBUG(SSSDBG_CRIT_FAILURE, - ("Unable to close file descriptor: %s\n", - strerror(ret))); - goto done; - } + if (!sssd_nss_is_off) { + /* sssd_nss is running -> signal monitor to invalidate fastcache */ + clear_mc_flag = fopen(SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG, "w"); + if (clear_mc_flag == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, + ("Failed to create clear_mc_flag file. " + "Memory cache will not be cleared.\n")); + goto done; + } + ret = fclose(clear_mc_flag); + if (ret != 0) { + ret = errno; + DEBUG(SSSDBG_CRIT_FAILURE, + ("Unable to close file descriptor: %s\n", + strerror(ret))); + goto done; + } - DEBUG(SSSDBG_TRACE_FUNC, ("Sending SIGHUP to monitor.\n")); - ret = signal_sssd(SIGHUP); - if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, - ("Failed to send SIGHUP to monitor.\n")); - goto done; + DEBUG(SSSDBG_TRACE_FUNC, ("Sending SIGHUP to monitor.\n")); + ret = signal_sssd(SIGHUP); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, + ("Failed to send SIGHUP to monitor.\n")); + goto done; + } } } @@ -174,6 +183,33 @@ done: return ret; } +static int clear_fastcache(bool *sssd_nss_is_off) +{ + int ret; + ret = sss_memcache_invalidate(SSS_NSS_MCACHE_DIR"/passwd"); + if (ret != EOK) { + if (ret == EACCES) { + *sssd_nss_is_off = false; + return EOK; + } else { + return ret; + } + } + + ret = sss_memcache_invalidate(SSS_NSS_MCACHE_DIR"/group"); + if (ret != EOK) { + if (ret == EACCES) { + *sssd_nss_is_off = false; + return EOK; + } else { + return ret; + } + } + + *sssd_nss_is_off = true; + return EOK; +} + bool invalidate_entries(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, enum sss_cache_entry entry_type, const char *filter, const char *name) diff --git a/src/tools/tools_util.c b/src/tools/tools_util.c index 049a4f581..99b79f171 100644 --- a/src/tools/tools_util.c +++ b/src/tools/tools_util.c @@ -35,6 +35,7 @@ #include "db/sysdb.h" #include "tools/tools_util.h" #include "tools/sss_sync_ops.h" +#include "util/mmap_cache.h" static int setup_db(struct tools_ctx *ctx) { @@ -671,3 +672,96 @@ errno_t signal_sssd(int signum) return EOK; } + +static errno_t sss_mc_set_recycled(int fd) +{ + uint32_t w = SSS_MC_HEADER_RECYCLED; + struct sss_mc_header h; + off_t offset; + off_t pos; + int ret; + + + offset = MC_PTR_DIFF(&h.status, &h); + + pos = lseek(fd, offset, SEEK_SET); + if (pos == -1) { + /* What do we do now ? */ + return errno; + } + + errno = 0; + ret = sss_atomic_write_s(fd, (uint8_t *)&w, sizeof(h.status)); + if (ret == -1) { + return errno; + } + + if (ret != sizeof(h.status)) { + /* Write error */ + return EIO; + } + + return EOK; +} + +errno_t sss_memcache_invalidate(const char *mc_filename) +{ + int mc_fd = -1; + errno_t ret; + errno_t pret; + useconds_t t = 50000; + int retries = 2; + + if (!mc_filename) { + return EINVAL; + } + + mc_fd = open(mc_filename, O_RDWR); + if (mc_fd == -1) { + ret = errno; + if (ret == ENOENT) { + DEBUG(SSSDBG_TRACE_FUNC,("Memory cache file %s " + "does not exist.\n", mc_filename)); + return EOK; + } else { + DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to open file %s: %s\n", + mc_filename, strerror(ret))); + return ret; + } + } + + ret = sss_br_lock_file(mc_fd, 0, 1, retries, t); + if (ret == EACCES) { + DEBUG(SSSDBG_TRACE_FUNC, + ("File %s already locked by someone else.\n", mc_filename)); + goto done; + } else if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to lock file %s.\n", mc_filename)); + goto done; + } + /* Mark the mc file as recycled. */ + ret = sss_mc_set_recycled(mc_fd); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to mark memory cache file %s " + "as recycled.\n", mc_filename)); + goto done; + } + + ret = EOK; +done: + if (mc_fd != -1) { + /* Closing the file also releases the lock */ + close(mc_fd); + + /* Only unlink the file if invalidation was succesful */ + if (ret == EOK) { + pret = unlink(mc_filename); + if (pret == -1) { + DEBUG(SSSDBG_MINOR_FAILURE, + ("Failed to unlink file %s. " + "Will be unlinked later by sssd_nss.\n")); + } + } + } + return ret; +} diff --git a/src/tools/tools_util.h b/src/tools/tools_util.h index 1be17e8ea..a83c8eea0 100644 --- a/src/tools/tools_util.h +++ b/src/tools/tools_util.h @@ -104,6 +104,8 @@ int run_userdel_cmd(struct tools_ctx *tctx); errno_t signal_sssd(int signum); +errno_t sss_memcache_invalidate(const char *mc_filename); + /* from files.c */ int remove_tree(const char *root); |