From 980020c1ad798b79e7bb2c1618a04dd5cb7dd5cd Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 24 Feb 2010 10:20:48 +0100 Subject: Fix check for values of expiration limits There were inconsistencies between what sssd.conf manpage said and what the code enforces. --- src/man/sssd.conf.5.xml | 4 ++-- src/providers/ldap/ldap_common.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 171d261b6..a3ec028f3 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -467,8 +467,8 @@ Number of days entries are left in cache after last successful login before being removed during a cleanup of the cache. 0 means keep forever. - The value of this parameter must be bigger than - offline_credentials_expiration. + The value of this parameter must be greater than or + equal to offline_credentials_expiration. Default: 0 (unlimited) diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index a67ea3626..b5765c276 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -251,7 +251,7 @@ int ldap_get_options(TALLOC_CTX *memctx, goto done; } if (offline_credentials_expiration && account_cache_expiration && - offline_credentials_expiration >= account_cache_expiration) { + offline_credentials_expiration > account_cache_expiration) { DEBUG(1, ("Value of %s (now %d) must be larger " "than value of %s (now %d)\n", opts->basic[SDAP_ACCOUNT_CACHE_EXPIRATION].opt_name, -- cgit