From ad132722d6f3393ae1e6d720a222a0f880f2ea54 Mon Sep 17 00:00:00 2001
From: Pavel Reichl <preichl@redhat.com>
Date: Thu, 30 Oct 2014 16:50:27 +0000
Subject: CONFDB: Detect&fix misconf opt refresh_expired_interval
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Related to:
https://fedorahosted.org/sssd/ticket/2102

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
---
 src/confdb/confdb.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'src/confdb')

diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index 8443fe553..c55a945a4 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1058,6 +1058,21 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
         goto done;
     }
 
+    /* detect and fix misconfiguration */
+    if (domain->refresh_expired_interval > entry_cache_timeout) {
+        DEBUG(SSSDBG_CONF_SETTINGS,
+              "refresh_expired_interval (%d) cannot be greater then "
+              "entry_cache_timeout (%u)\n",
+              domain->refresh_expired_interval, entry_cache_timeout);
+
+        domain->refresh_expired_interval = 0.75 * entry_cache_timeout;
+
+        DEBUG(SSSDBG_CONF_SETTINGS,
+              "refresh_expired_interval is being set to recommended value "
+              "entry_cache_timeout * 0.75 (%u).\n",
+              domain->refresh_expired_interval);
+    }
+
     /* Set the PAM warning time, if specified. If not specified, pass on
      * the "not set" value of "-1" which means "use provider default". The
      * value 0 means "always display the warning if server sends one" */
-- 
cgit