>From 30d7cb8cdfb2bbc45f2ab8415b2edc3a57a5a744 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Sun, 29 Mar 2015 20:30:44 +0200 Subject: [PATCH 5/5] NSS: Reset negcache after checking domains The NSS responder periodically re-checks subdomains. We need to reset the negative cache each time the check finishes to allow the negative cache to contain entries from different domains. --- src/responder/nss/nsssrv_cmd.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 576532226f71075a4d714fc0e20cdc475ffea8db..72da865d0bbe2142799a93415f0a645ae9cac13d 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -105,6 +105,18 @@ struct setent_ctx { struct getent_ctx *getent_ctx; }; +static int nss_reset_negcache(struct resp_ctx *rctx) +{ + struct nss_ctx *nss_ctx; + + nss_ctx = talloc_get_type(rctx->pvt_ctx, struct nss_ctx); + if (nss_ctx == NULL) { + return EIO; + } + + return sss_ncache_reset_repopulate_permanent(rctx, nss_ctx->ncache); +} + /**************************************************************************** * PASSWD db related functions ***************************************************************************/ @@ -1450,6 +1462,12 @@ static void nss_cmd_getbynam_done(struct tevent_req *req) goto done; } + ret = nss_reset_negcache(cctx->rctx); + if (ret != EOK) { + DEBUG(SSSDBG_MINOR_FAILURE, "Cannot reset negcache records\n"); + /* Not fatal */ + } + DEBUG(SSSDBG_TRACE_FUNC, "Requesting info for [%s] from [%s]\n", cmdctx->name, domname?domname:""); @@ -1808,6 +1826,12 @@ static void nss_cmd_getbyid_done(struct tevent_req *req) goto done; } + ret = nss_reset_negcache(cmdctx->cctx->rctx); + if (ret != EOK) { + DEBUG(SSSDBG_MINOR_FAILURE, "Cannot reset negcache records\n"); + /* Not fatal */ + } + /* ok, find it ! */ switch(dctx->cmdctx->cmd) { case SSS_NSS_GETPWUID: -- 2.1.0