On Wed, Apr 16, 2014 at 03:04:16PM +0200, Pavel Reichl wrote:
On Mon, 2014-04-07 at 19:07 +0200, Jakub Hrozek wrote:
[snip]
> btw can we get into this situation where the refresh is on but a netgroup
> is expired even without misconfiguration? For instance if a netgroup was
> saved to the cache right before the backend was about to schedule the
> periodic task, then before the next task the netgroup was requested and
> already expired?
I see your concern now. But I think that the most critical moment would
be if netgroup was saved to the cache right *after* the periodic task
being scheduled. That could lead to netgroup not being refreshed for
almost 2*refresh_expired_interval and thus being stale for 1/2
entry_cache_timeout (~2700 seconds) if default values were used*.
Stale records, if they are in the range of minutes are OK in this case,
I think. The caching comes at a cost.
What would not be so ideal is if the next getnetgrent() would cause the
whole hierarchy to be downloaded again.