diff options
author | Pavel Březina <pbrezina@redhat.com> | 2012-12-14 12:51:33 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-12-18 17:15:22 +0100 |
commit | 5860e321d82d007a5b7f4a1ff9a3893156e22b19 (patch) | |
tree | 071078865b8b63cde1e111a9fb325ab374ef5800 /src/providers | |
parent | e5c9834c45849cbf82ea420fa3e0efdc102cc26e (diff) | |
download | sssd-5860e321d82d007a5b7f4a1ff9a3893156e22b19.tar.gz sssd-5860e321d82d007a5b7f4a1ff9a3893156e22b19.tar.xz sssd-5860e321d82d007a5b7f4a1ff9a3893156e22b19.zip |
sudo: schedule another full refresh in short interval if the first fails
https://fedorahosted.org/sssd/ticket/1689
If the first full refresh of sudo rules fails because the data provider
is offline, we will schedule another one in 2, 4, ... minutes.
Diffstat (limited to 'src/providers')
-rw-r--r-- | src/providers/ldap/sdap_sudo.c | 27 | ||||
-rw-r--r-- | src/providers/ldap/sdap_sudo.h | 1 |
2 files changed, 28 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c index c4f422ed..9a780b8e 100644 --- a/src/providers/ldap/sdap_sudo.c +++ b/src/providers/ldap/sdap_sudo.c @@ -30,6 +30,8 @@ #include "providers/ldap/sdap_sudo_cache.h" #include "db/sysdb_sudo.h" +#define SUDO_MAX_FIRST_REFRESH_DELAY 16 + struct sdap_sudo_full_refresh_state { struct sdap_sudo_ctx *sudo_ctx; struct sdap_id_ctx *id_ctx; @@ -960,6 +962,7 @@ static void sdap_sudo_periodical_first_refresh_done(struct tevent_req *req) struct tevent_req *subreq = NULL; /* req from sdap_sudo_full_refresh_send() */ struct sdap_sudo_ctx *sudo_ctx = NULL; time_t delay; + time_t timeout; int dp_error = DP_ERR_OK; int error = EOK; int ret; @@ -999,6 +1002,30 @@ schedule: return; } + /* if we are offline, we will try to perform another full refresh */ + if (dp_error == DP_ERR_OFFLINE) { + sudo_ctx->full_refresh_attempts++; + timeout = delay; + delay = sudo_ctx->full_refresh_attempts << 1; + if (delay > SUDO_MAX_FIRST_REFRESH_DELAY) { + delay = SUDO_MAX_FIRST_REFRESH_DELAY; + } + + DEBUG(SSSDBG_TRACE_FUNC, ("Data provider is offline. " + "Scheduling another full refresh in %l minutes.\n", delay)); + + ret = sdap_sudo_schedule_refresh(sudo_ctx, sudo_ctx, + SDAP_SUDO_REFRESH_FULL, + sdap_sudo_periodical_first_refresh_done, + delay * 60, timeout); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, ("Unable to schedule full refresh of sudo " + "rules! Periodical updates will not work!\n")); + } + + return; + } + ret = sdap_sudo_schedule_full_refresh(sudo_ctx, delay); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("Full periodical refresh will not work.\n")); diff --git a/src/providers/ldap/sdap_sudo.h b/src/providers/ldap/sdap_sudo.h index 5a12afd5..6384c7b8 100644 --- a/src/providers/ldap/sdap_sudo.h +++ b/src/providers/ldap/sdap_sudo.h @@ -31,6 +31,7 @@ struct sdap_sudo_ctx { bool use_host_filter; bool full_refresh_done; + int full_refresh_attempts; }; enum sdap_sudo_refresh_type { |