URL:
https://github.com/SSSD/sssd/pull/776
Author: sumit-bose
Title: #776: NEGCACHE: repopulate negative cache after get_domains and initialize UPN
negative cache as well
Action: opened
PR body:
"""
If SSSD starts offline the responders might only know about the configured
domain because the sub-domains have not been discovered yet. As a result
the permanent negative cache is only populated for the configured domain.
If later the system goes online and the sub-domains are discovered or a new
sub-domain was discovered at runtime the permanent negative cache is
currently not created for those domains.
This patch repopulates the negative cache for all known domains to the end
of the get_domains request.
Related to
https://pagure.io/SSSD/sssd/issue/3983
UPNs are handled separately in the negative cache. To properly filter user
names even in the case of the fallback to a UPN lookup the negative cahe
for UPNs has to be initialized with the names from the filter_user option
as well.
If the name from the option is a short name it will be added to the
negative UPN cache for each domain with the respective domain name. If the
name from the option is fully-qualified it will be added as is to the
negative UPN cache for each domain.
Related to
https://pagure.io/SSSD/sssd/issue/3978
"""
To pull the PR as Git branch:
git remote add ghsssd
https://github.com/SSSD/sssd
git fetch ghsssd pull/776/head:pr776
git checkout pr776