From 7c83c23177cdb43e23fe19935356e1319e2b6f39 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Tue, 30 Jun 2015 14:26:12 +0200
Subject: nss: Invalidate entry in initgr mmap cache
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If user is removed from sysdb cache then
it should be also removed from initgroups memory cache.

Resolves:
https://fedorahosted.org/sssd/ticket/2485

Reviewed-by: Michal Židek <mzidek@redhat.com>
---
 src/responder/nss/nsssrv_cmd.c | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index b163d6d57..012946730 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -168,6 +168,13 @@ void nss_update_pw_memcache(struct nss_ctx *nctx)
                       "Internal failure in memory cache code: %d [%s]\n",
                        ret, strerror(ret));
             }
+
+            ret = sss_mmap_cache_pw_invalidate(nctx->initgr_mc_ctx, &key);
+            if (ret != EOK && ret != ENOENT) {
+                DEBUG(SSSDBG_CRIT_FAILURE,
+                      "Internal failure in memory cache code: %d [%s]\n",
+                      ret, strerror(ret));
+            }
         }
 
         talloc_zfree(res);
@@ -798,6 +805,15 @@ static int delete_entry_from_memcache(struct sss_domain_info *dom, char *name,
             goto done;
         }
         break;
+    case SSS_MC_INITGROUPS:
+        ret = sss_mmap_cache_initgr_invalidate(mc_ctx, &delete_name);
+        if (ret != EOK && ret != ENOENT) {
+            DEBUG(SSSDBG_CRIT_FAILURE,
+                  "Internal failure in memory cache code: %d [%s]\n",
+                  ret, strerror(ret));
+            goto done;
+        }
+        break;
     default:
         ret = EINVAL;
         goto done;
@@ -967,6 +983,14 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
                       "Deleting user from memcache failed.\n");
             }
 
+            ret = delete_entry_from_memcache(dctx->domain, name,
+                                             nctx->initgr_mc_ctx,
+                                             SSS_MC_INITGROUPS);
+            if (ret != EOK) {
+                DEBUG(SSSDBG_MINOR_FAILURE,
+                      "Deleting user from memcache failed.\n");
+            }
+
             return ENOENT;
         }
 
@@ -3871,6 +3895,14 @@ void nss_update_initgr_memcache(struct nss_ctx *nctx,
                   ret, strerror(ret));
         }
 
+        ret = sss_mmap_cache_initgr_invalidate(nctx->initgr_mc_ctx,
+                                               &delete_name);
+        if (ret != EOK && ret != ENOENT) {
+            DEBUG(SSSDBG_CRIT_FAILURE,
+                  "Internal failure in memory cache code: %d [%s]\n",
+                  ret, strerror(ret));
+        }
+
         /* Also invalidate his groups */
         changed = true;
     } else {
-- 
cgit