summaryrefslogtreecommitdiffstats
path: root/src/providers
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2012-12-14 12:51:33 +0100
committerJakub Hrozek <jhrozek@redhat.com>2012-12-18 17:15:22 +0100
commit5860e321d82d007a5b7f4a1ff9a3893156e22b19 (patch)
tree071078865b8b63cde1e111a9fb325ab374ef5800 /src/providers
parente5c9834c45849cbf82ea420fa3e0efdc102cc26e (diff)
downloadsssd-5860e321d82d007a5b7f4a1ff9a3893156e22b19.tar.gz
sssd-5860e321d82d007a5b7f4a1ff9a3893156e22b19.tar.xz
sssd-5860e321d82d007a5b7f4a1ff9a3893156e22b19.zip
sudo: schedule another full refresh in short interval if the first fails
https://fedorahosted.org/sssd/ticket/1689 If the first full refresh of sudo rules fails because the data provider is offline, we will schedule another one in 2, 4, ... minutes.
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/ldap/sdap_sudo.c27
-rw-r--r--src/providers/ldap/sdap_sudo.h1
2 files changed, 28 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c
index c4f422ed..9a780b8e 100644
--- a/src/providers/ldap/sdap_sudo.c
+++ b/src/providers/ldap/sdap_sudo.c
@@ -30,6 +30,8 @@
#include "providers/ldap/sdap_sudo_cache.h"
#include "db/sysdb_sudo.h"
+#define SUDO_MAX_FIRST_REFRESH_DELAY 16
+
struct sdap_sudo_full_refresh_state {
struct sdap_sudo_ctx *sudo_ctx;
struct sdap_id_ctx *id_ctx;
@@ -960,6 +962,7 @@ static void sdap_sudo_periodical_first_refresh_done(struct tevent_req *req)
struct tevent_req *subreq = NULL; /* req from sdap_sudo_full_refresh_send() */
struct sdap_sudo_ctx *sudo_ctx = NULL;
time_t delay;
+ time_t timeout;
int dp_error = DP_ERR_OK;
int error = EOK;
int ret;
@@ -999,6 +1002,30 @@ schedule:
return;
}
+ /* if we are offline, we will try to perform another full refresh */
+ if (dp_error == DP_ERR_OFFLINE) {
+ sudo_ctx->full_refresh_attempts++;
+ timeout = delay;
+ delay = sudo_ctx->full_refresh_attempts << 1;
+ if (delay > SUDO_MAX_FIRST_REFRESH_DELAY) {
+ delay = SUDO_MAX_FIRST_REFRESH_DELAY;
+ }
+
+ DEBUG(SSSDBG_TRACE_FUNC, ("Data provider is offline. "
+ "Scheduling another full refresh in %l minutes.\n", delay));
+
+ ret = sdap_sudo_schedule_refresh(sudo_ctx, sudo_ctx,
+ SDAP_SUDO_REFRESH_FULL,
+ sdap_sudo_periodical_first_refresh_done,
+ delay * 60, timeout);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Unable to schedule full refresh of sudo "
+ "rules! Periodical updates will not work!\n"));
+ }
+
+ return;
+ }
+
ret = sdap_sudo_schedule_full_refresh(sudo_ctx, delay);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("Full periodical refresh will not work.\n"));
diff --git a/src/providers/ldap/sdap_sudo.h b/src/providers/ldap/sdap_sudo.h
index 5a12afd5..6384c7b8 100644
--- a/src/providers/ldap/sdap_sudo.h
+++ b/src/providers/ldap/sdap_sudo.h
@@ -31,6 +31,7 @@ struct sdap_sudo_ctx {
bool use_host_filter;
bool full_refresh_done;
+ int full_refresh_attempts;
};
enum sdap_sudo_refresh_type {