diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-04-15 09:19:40 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-04-15 11:58:58 -0400 |
commit | b4abe4088ceec0189f97b1a0e3fce37c23066206 (patch) | |
tree | 9c2a2869474dc185d288e4ab1c2f21d41daa2d17 /src/responder | |
parent | ee5d3b527b4f7272e59fa630f4511aa1e84bf674 (diff) | |
download | sssd_unused-b4abe4088ceec0189f97b1a0e3fce37c23066206.tar.gz sssd_unused-b4abe4088ceec0189f97b1a0e3fce37c23066206.tar.xz sssd_unused-b4abe4088ceec0189f97b1a0e3fce37c23066206.zip |
Fix regressions in the negative cachesssd-1.5.1-30.el6
Do not throw a DP error when failing to delete a nonexistent entity
Add debug logging to the negative cache
Fix a regression with the negative cache in multi-domain configurations
Fix regression where nonexistent entries were never added to the negative cache
Diffstat (limited to 'src/responder')
-rw-r--r-- | src/responder/common/negcache.c | 5 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 63 |
2 files changed, 44 insertions, 24 deletions
diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index 5f85df25..d8c4c269 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -71,6 +71,8 @@ static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str, int ttl) char *ep; int ret; + DEBUG(8, ("Checking negative cache for [%s]\n", str)); + ret = string_to_tdb_data(str, &key); if (ret != EOK) goto done; @@ -141,6 +143,9 @@ static int sss_ncache_set_str(struct sss_nc_ctx *ctx, ret = string_to_tdb_data(timest, &data); if (ret != EOK) goto done; + DEBUG(6, ("Adding [%s] to negative cache%s\n", + str, permanent?" permanently":"")); + ret = tdb_store(ctx->tdb, key, data, TDB_REPLACE); if (ret != 0) { DEBUG(1, ("Negative cache failed to set entry: [%s]\n", diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 2153d649..db301b38 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -532,12 +532,17 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) /* if neg cached, return we didn't find it */ if (ret == EEXIST) { - DEBUG(2, ("User [%s] does not exist! (negative cache)\n", name)); + DEBUG(2, ("User [%s] does not exist in [%s]! (negative cache)\n", + name, dom->name)); /* if a multidomain search, try with next */ if (cmdctx->check_next) { dom = dom->next; continue; } + /* There are no further domains or this was a + * fully-qualified user request. + */ + return ENOENT; } DEBUG(4, ("Requesting info for [%s@%s]\n", name, dom->name)); @@ -560,20 +565,20 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) } if (dctx->res->count == 0 && !dctx->check_provider) { + /* set negative cache only if not result of cache check */ + ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name); + if (ret != EOK) { + return ret; + } + /* if a multidomain search, try with next */ if (cmdctx->check_next) { dom = dom->next; - continue; + if (dom) continue; } DEBUG(2, ("No results for getpwnam call\n")); - /* set negative cache only if not result of cache check */ - ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name); - if (ret != EOK) { - return ret; - } - return ENOENT; } @@ -1794,12 +1799,17 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) /* if neg cached, return we didn't find it */ if (ret == EEXIST) { - DEBUG(2, ("Group [%s] does not exist! (negative cache)\n", name)); + DEBUG(2, ("Group [%s] does not exist in [%s]! (negative cache)\n", + name, dom->name)); /* if a multidomain search, try with next */ if (cmdctx->check_next) { dom = dom->next; continue; } + /* There are no further domains or this was a + * fully-qualified user request. + */ + return ENOENT; } DEBUG(4, ("Requesting info for [%s@%s]\n", name, dom->name)); @@ -1822,20 +1832,20 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) } if (dctx->res->count == 0 && !dctx->check_provider) { + /* set negative cache only if not result of cache check */ + ret = sss_ncache_set_group(nctx->ncache, false, dom->name, name); + if (ret != EOK) { + return ret; + } + /* if a multidomain search, try with next */ if (cmdctx->check_next) { dom = dom->next; - continue; + if (dom) continue; } DEBUG(2, ("No results for getgrnam call\n")); - /* set negative cache only if not result of cache check */ - ret = sss_ncache_set_group(nctx->ncache, false, dom->name, name); - if (ret != EOK) { - return ret; - } - return ENOENT; } @@ -2827,12 +2837,17 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) /* if neg cached, return we didn't find it */ if (ret == EEXIST) { - DEBUG(2, ("User [%s] does not exist! (negative cache)\n", name)); + DEBUG(2, ("User [%s] does not exist in [%s]! (negative cache)\n", + dom->name, name)); /* if a multidomain search, try with next */ if (cmdctx->check_next) { dom = dom->next; continue; } + /* There are no further domains or this was a + * fully-qualified user request. + */ + return ENOENT; } DEBUG(4, ("Requesting info for [%s@%s]\n", name, dom->name)); @@ -2851,20 +2866,20 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) } if (dctx->res->count == 0 && !dctx->check_provider) { + /* set negative cache only if not result of cache check */ + ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name); + if (ret != EOK) { + return ret; + } + /* if a multidomain search, try with next */ if (cmdctx->check_next) { dom = dom->next; - continue; + if (dom) continue; } DEBUG(2, ("No results for initgroups call\n")); - /* set negative cache only if not result of cache check */ - ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name); - if (ret != EOK) { - return ret; - } - return ENOENT; } |