diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2017-04-04 15:33:38 +0200 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2017-09-01 20:26:23 +0200 |
commit | 197da163943868216f704fb34031e7d5576e8aee (patch) | |
tree | 3987bbfb931f057945107dd760452e40285aecef /src/man/sssd-secrets.5.xml | |
parent | 392f48c039d7a6d70bce6ae2d122042391653566 (diff) | |
download | sssd-197da163943868216f704fb34031e7d5576e8aee.tar.gz sssd-197da163943868216f704fb34031e7d5576e8aee.tar.xz sssd-197da163943868216f704fb34031e7d5576e8aee.zip |
SECRETS: Use separate quotas for /kcm and /secrets hives
This would differentiate between out-of-capacity errors for secrets and
for KCM as they are two independent trees as far as sssd-secrets is
concerned.
The quotas for /kcm are also different in their defaults. For the /secrets
hive, we presume a large amount of small secrets. For the /kcm hive, we
presume a small amount of large secrets, because the secret is a ccache
which contains multiple credentials.
The operations are also passed in a struct quota from the local request
context instead of local_context. The quota is assigned to the request
context when the hive is selected.
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
Diffstat (limited to 'src/man/sssd-secrets.5.xml')
-rw-r--r-- | src/man/sssd-secrets.5.xml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/man/sssd-secrets.5.xml b/src/man/sssd-secrets.5.xml index d50cb13d8..ba77d6232 100644 --- a/src/man/sssd-secrets.5.xml +++ b/src/man/sssd-secrets.5.xml @@ -196,7 +196,7 @@ systemctl enable sssd-secrets.service can be stored in the hive. </para> <para> - Default: 1024 + Default: 1024 (secrets hive), 256 (kcm hive) </para> </listitem> </varlistentry> @@ -208,7 +208,7 @@ systemctl enable sssd-secrets.service a secret payload in kilobytes. </para> <para> - Default: 16 + Default: 16 (secrets hive), 65536 (64 MiB) (kcm hive) </para> </listitem> </varlistentry> |