From af81aaa57f82eab78647113c391bd84247f96150 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Tue, 16 Feb 2010 14:11:00 +0100 Subject: Better cleanup task handling Implements a different mechanism for cleanup task. Instead of just deleting expired entries, this patch adds a new option account_cache_expiration for domains. If an entry is expired and the last login was more days in the past that account_cache_expiration, the entry is deleted. Groups are deleted if they are expired and and no user references them (no user has memberof: attribute pointing at that group). The parameter account_cache_expiration is not LDAP-specific, so that other future backends might use the same timeout setting. Fixes: #391 --- src/confdb/confdb.h | 1 + 1 file changed, 1 insertion(+) (limited to 'src/confdb') diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index 66576c354..06faa43ba 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -101,6 +101,7 @@ #define CONFDB_DOMAIN_FQ "use_fully_qualified_names" #define CONFDB_DOMAIN_ENTRY_CACHE_TIMEOUT "entry_cache_timeout" #define CONFDB_DOMAIN_FAMILY_ORDER "lookup_family_order" +#define CONFDB_DOMAIN_ACCOUNT_CACHE_EXPIRATION "account_cache_expiration" /* Local Provider */ #define CONFDB_LOCAL_DEFAULT_SHELL "default_shell" -- cgit