Hi there.
Does sssd export any library/function which would allow one to test if the dataset *was* coming from a cache and NOT the real source (assuming source outage)?
I have a LDAP backend provider here with a generous cache timeout. I was wondering if it would be possible to tap somewhere , to achieve something equivalent to `getent -s sss passwd xxx` but only if/when user xxx was cached by sssd and in offline mode.
In other words detect when sssd is in offline mode, the sssd cache is transparently servicing clients without resorting to parsing log files.
thkx
-ash
On (30/01/15 07:33), Ash Nand wrote:
Hi there.
Does sssd export any library/function which would allow one to test if the dataset *was* coming from a cache and NOT the real source (assuming source outage)?
I have a LDAP backend provider here with a generous cache timeout. I was wondering if it would be possible to tap somewhere , to achieve something equivalent to `getent -s sss passwd xxx` but only if/when user xxx was cached by sssd and in offline mode.
In other words detect when sssd is in offline mode, the sssd cache is transparently servicing clients without resorting to parsing log files.
We do not have a command line utility to find out this state. There is ticket in trac to impement it.
You can use netstat utility for such purpose as a workaround. For demonstaration putposes I send signals to main sssd process to go offline and then online. And you need to run netstat as a root otherwise you will not see PID and name of sssd process (netstat -p)
[root@host ~]# netstat -tpn | grep sssd_be tcp 0 0 10.34.129.86:56053 10.16.78.114:389 ESTABLISHED 7265/sssd_be
[root@host ~]# kill -USR1 `pgrep sssd$` [root@host ~]# netstat -tpn | grep sssd_be
[root@host ~]# kill -USR2 `pgrep sssd$` [root@host ~]# netstat -tpn | grep sssd_be
tcp 0 1 10.34.129.86:56055 10.16.78.114:389 SYN_SENT 7265/sssd_be [root@host ~]# netstat -tpn | grep sssd_be tcp 0 0 10.34.129.86:56055 10.16.78.114:389 ESTABLISHED 7265/sssd_be
HTH
LS
On Fri, Jan 30, 2015 at 10:03:02AM +0100, Lukas Slebodnik wrote:
On (30/01/15 07:33), Ash Nand wrote:
Hi there.
Does sssd export any library/function which would allow one to test if the dataset *was* coming from a cache and NOT the real source (assuming source outage)?
I have a LDAP backend provider here with a generous cache timeout. I was wondering if it would be possible to tap somewhere , to achieve something equivalent to `getent -s sss passwd xxx` but only if/when user xxx was cached by sssd and in offline mode.
In other words detect when sssd is in offline mode, the sssd cache is transparently servicing clients without resorting to parsing log files.
We do not have a command line utility to find out this state. There is ticket in trac to impement it.
You can use netstat utility for such purpose as a workaround. For demonstaration putposes I send signals to main sssd process to go offline and then online. And you need to run netstat as a root otherwise you will not see PID and name of sssd process (netstat -p)
[root@host ~]# netstat -tpn | grep sssd_be tcp 0 0 10.34.129.86:56053 10.16.78.114:389 ESTABLISHED 7265/sssd_be
[root@host ~]# kill -USR1 `pgrep sssd$` [root@host ~]# netstat -tpn | grep sssd_be
[root@host ~]# kill -USR2 `pgrep sssd$` [root@host ~]# netstat -tpn | grep sssd_be
tcp 0 1 10.34.129.86:56055 10.16.78.114:389 SYN_SENT 7265/sssd_be [root@host ~]# netstat -tpn | grep sssd_be tcp 0 0 10.34.129.86:56055 10.16.78.114:389 ESTABLISHED 7265/sssd_be
HTH
LS
You can also check the user's timestamps in the database using the ldbsearch tool, expire him with sss_cache tool, lookup the user and then check the timestamp was updated to current time.
sssd-users@lists.fedorahosted.org
-
Ash Nand -
Jakub Hrozek -
Lukas Slebodnik