diff options
author | Pavel Březina <pbrezina@redhat.com> | 2012-04-23 15:07:17 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-06-29 11:37:16 -0400 |
commit | 80357fbba7e8251c85aa884749f275eed28eb4eb (patch) | |
tree | bc65ffa47310a477d42f15cdd43730aabcd1a072 /src/providers/ldap/sdap_sudo_cache.c | |
parent | 4cab4191f9e0d8d2cc04084964c71454a62852fe (diff) | |
download | sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.tar.gz sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.tar.xz sssd-80357fbba7e8251c85aa884749f275eed28eb4eb.zip |
sudo ldap provider: add expiration time to each rule
Diffstat (limited to 'src/providers/ldap/sdap_sudo_cache.c')
-rw-r--r-- | src/providers/ldap/sdap_sudo_cache.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap_sudo_cache.c b/src/providers/ldap/sdap_sudo_cache.c index c58fa1c3..39b028d6 100644 --- a/src/providers/ldap/sdap_sudo_cache.c +++ b/src/providers/ldap/sdap_sudo_cache.c @@ -26,7 +26,9 @@ static errno_t sdap_save_native_sudorule(struct sysdb_ctx *sysdb_ctx, struct sdap_attr_map *map, - struct sysdb_attrs *attrs) + struct sysdb_attrs *attrs, + int cache_timeout, + time_t now) { errno_t ret; const char *rule_name; @@ -39,6 +41,14 @@ sdap_save_native_sudorule(struct sysdb_ctx *sysdb_ctx, return ret; } + ret = sysdb_attrs_add_time_t(attrs, SYSDB_CACHE_EXPIRE, + (cache_timeout ? (now + cache_timeout) : 0)); + if (ret) { + DEBUG(SSSDBG_OP_FAILURE, ("Could not set sysdb cache expire [%d]: %s\n", + ret, strerror(ret))); + return ret; + } + ret = sysdb_save_sudorule(sysdb_ctx, rule_name, attrs); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("Could not save sudorule %s\n", rule_name)); @@ -52,7 +62,9 @@ errno_t sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx, struct sdap_attr_map *map, struct sysdb_attrs **replies, - size_t replies_count) + size_t replies_count, + int cache_timeout, + time_t now) { errno_t ret, tret; bool in_transaction = false; @@ -66,7 +78,8 @@ sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx, in_transaction = true; for (i=0; i<replies_count; i++) { - ret = sdap_save_native_sudorule(sysdb_ctx, map, replies[i]); + ret = sdap_save_native_sudorule(sysdb_ctx, map, replies[i], + cache_timeout, now); if (ret != EOK) { goto fail; } |