On 05/11/2016 11:14 AM, Pavel Březina wrote:
On 05/10/2016 02:02 PM, Petr Cech wrote:
> On 05/10/2016 11:57 AM, Pavel Březina wrote:
>> Hi,
>
> Hello Pavel,
>
>> patches works as expected. I would like you to rename few things
>> though... "locals" refers more to a resident and it is not being used
in
>> the meaning of local users and groups. I'd rather use the word
"local"
>> (singular), is_local (where boolean is used).
>
> Addressed.
>
>> Please rename the new option into something more similar as
>> entry_negative_timeou, maybe local_negative_timeout,
>> unix_negative_timeout or files_negative_timeout...
>
> Addressed.
>
>> Its man page description doesn't read well in english (especially the
>> second sentence). Maybe something like this would be better:
>>
>> Specifies for how many seconds nss_sss should keep local users and
>> groups in negative cache before trying to look the up in the back end
>> again.
>
> Addressed.
I made a typo there and you copy pasted it there :-) It should read:
Specifies for how many seconds nss_sss should keep local users and
groups in negative cache before trying to look it up in the back end
again.
s/the/it
>> Would it be beneficial to add some magic value (say -1) to
represent
>> permanent ncache record?
>
> I don't think so. We haven't such behaviour yet. Permanent negcaching is
> set item by item by set function. And during discussion about negcaching
> of local users, the opinion has been that we didn't want it.
>
> But if you know case for it I am open for it.
Ok, I don't require it.
>> Can you add some debuggin to is_user_local_by_name and
similar functions
>> so we can see that local ncache timeout was used? Something like:
>>
>> if (ret == EOK && pwd_result != NULL) {
>> DEBUG(SSSDBG_TRACE_FUNC, "User %s is a local user\n", name);
>> is_local = true;
>> }
>
> Addressed.
You want to use SPRIuid as format specifier for uid_t and SPRIgid for gid_t.
>
> Thank you for review, Pavel.
>
> Regards
CI failed
http://sssd-ci.duckdns.org/logs/job/43/16/summary.html