[sssd/f14/master] - Log startup errors to the syslog - Allow cache cleanup to be disabled in sssd.conf

Stephen Gallagher sgallagh at fedoraproject.org
Tue Nov 16 17:48:57 UTC 2010 

commit 4e1de07cd887679ffbbe837df90346bbbf7015df
Author: Stephen Gallagher <sgallagh at redhat.com>
Date:   Tue Nov 16 12:48:57 2010 -0500

    - Log startup errors to the syslog
    - Allow cache cleanup to be disabled in sssd.conf

 0001-Log-startup-errors-to-syslog.patch            |   56 +++++++++++++++
 ...Treat-a-zero-length-password-as-a-failure.patch |   32 ---------
 ...roperly-document-ldap_purge_cache_timeout.patch |   72 ++++++++++++++++++++
 0002-Return-offline-instead-of-error.patch         |   31 ---------
 sssd.spec                                          |   12 +++-
 5 files changed, 139 insertions(+), 64 deletions(-)
---
diff --git a/0001-Log-startup-errors-to-syslog.patch b/0001-Log-startup-errors-to-syslog.patch
new file mode 100644
index 0000000..17a4da6
--- /dev/null
+++ b/0001-Log-startup-errors-to-syslog.patch
@@ -0,0 +1,56 @@
+From 57736f3037984574b42b72fef7ae14fa2bce35b0 Mon Sep 17 00:00:00 2001
+From: Stephen Gallagher <sgallagh at redhat.com>
+Date: Wed, 10 Nov 2010 11:04:31 -0500
+Subject: [PATCH 1/2] Log startup errors to syslog
+
+---
+ src/monitor/monitor.c |   16 +++++++++-------
+ 1 files changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
+index 1c2a058e5a8d684798dcb2ea461199467c73f407..6479f7a9fd5877e7b5baaaee4f3f92001506d730 100644
+--- a/src/monitor/monitor.c
++++ b/src/monitor/monitor.c
+@@ -2167,7 +2167,7 @@ int main(int argc, const char *argv[])
+     uid = getuid();
+     if (uid != 0) {
+         DEBUG(1, ("Running under %d, must be root\n", uid));
+-        ERROR("sssd must be run as root\n");
++        sss_log(SSS_LOG_ALERT, "sssd must be run as root");
+         return 8;
+     }
+ 
+@@ -2202,9 +2202,10 @@ int main(int argc, const char *argv[])
+     ret = check_file(NSCD_SOCKET_PATH, -1, -1, -1, CHECK_SOCK, NULL);
+     if (ret == EOK) {
+         DEBUG(0, ("WARNING: nscd appears to be running\n"));
+-        ERROR("nscd socket was detected.  As nscd caching capabilities "
+-              "may conflict with SSSD, it is recommended to not run "
+-              "nscd in parallel with SSSD\n");
++        sss_log(SSS_LOG_NOTICE,
++                "nscd socket was detected.  As nscd caching capabilities "
++                "may conflict with SSSD, it is recommended to not run "
++                "nscd in parallel with SSSD");
+     }
+ 
+     /* Parse config file, fail if cannot be done */
+@@ -2212,12 +2213,13 @@ int main(int argc, const char *argv[])
+     if (ret != EOK) {
+         if (ret == EPERM) {
+             DEBUG(1, ("Cannot read configuration file %s\n", config_file));
+-            ERROR("Cannot read config file %s, please check if permissions "
+-                  "are 0600 and the file is owned by root.root\n", config_file);
++            sss_log(SSS_LOG_ALERT,
++                    "Cannot read config file %s, please check if permissions "
++                    "are 0600 and the file is owned by root.root", config_file);
+         } else {
+             DEBUG(1, ("Error loading configuration database: [%d]: %s",
+                       ret, strerror(ret)));
+-            ERROR("Cannot load configuration database\n");
++            sss_log(SSS_LOG_ALERT, "Cannot load configuration database");
+         }
+         return 4;
+     }
+-- 
+1.7.3.2
+
diff --git a/0002-Properly-document-ldap_purge_cache_timeout.patch b/0002-Properly-document-ldap_purge_cache_timeout.patch
new file mode 100644
index 0000000..fc1dc8c
--- /dev/null
+++ b/0002-Properly-document-ldap_purge_cache_timeout.patch
@@ -0,0 +1,72 @@
+From 4f8400f86d33d0f64adccb71c8190ad33db2770a Mon Sep 17 00:00:00 2001
+From: Stephen Gallagher <sgallagh at redhat.com>
+Date: Tue, 2 Nov 2010 07:46:13 -0400
+Subject: [PATCH 2/2] Properly document ldap_purge_cache_timeout
+
+Also allow it to be disabled entirely
+---
+ src/man/sssd-ldap.5.xml          |   19 +++++++++++++++++++
+ src/providers/ldap/ldap_common.c |   10 +++++++++-
+ 2 files changed, 28 insertions(+), 1 deletions(-)
+
+diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml
+index 87d388ade2b9b3613a18eb70e079b1266e940a14..64f216f5f5092a23635b9c4f96dbb133b309e556 100644
+--- a/src/man/sssd-ldap.5.xml
++++ b/src/man/sssd-ldap.5.xml
+@@ -447,6 +447,25 @@
+                 </varlistentry>
+ 
+                 <varlistentry>
++                    <term>ldap_purge_cache_timeout</term>
++                    <listitem>
++                        <para>
++                            Determine how often to check the cache for
++                            inactive entries (such as groups with no
++                            members and users who have never logged in) and
++                            remove them to save space.
++                        </para>
++                        <para>
++                            Setting this option to zero will disable the
++                            cache cleanup operation.
++                        </para>
++                        <para>
++                            Default: 10800 (12 hours)
++                        </para>
++                    </listitem>
++                </varlistentry>
++
++                <varlistentry>
+                     <term>ldap_user_fullname (string)</term>
+                     <listitem>
+                         <para>
+diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
+index ea5f957076675b4b8210917a928761e68088d485..c074098d6574078a6ec0e80851a1b02a51f5b0e1 100644
+--- a/src/providers/ldap/ldap_common.c
++++ b/src/providers/ldap/ldap_common.c
+@@ -397,6 +397,7 @@ int sdap_id_setup_tasks(struct sdap_id_ctx *ctx)
+ {
+     struct timeval tv;
+     int ret = EOK;
++    int delay;
+ 
+     /* set up enumeration task */
+     if (ctx->be->domain->enumerate) {
+@@ -406,7 +407,14 @@ int sdap_id_setup_tasks(struct sdap_id_ctx *ctx)
+         ret = ldap_id_enumerate_set_timer(ctx, tv);
+     } else {
+         /* the enumeration task, runs the cleanup process by itself,
+-         * but if enumeration is not runnig we need to schedule it */
++         * but if enumeration is not running we need to schedule it */
++        delay = dp_opt_get_int(ctx->opts->basic, SDAP_CACHE_PURGE_TIMEOUT);
++        if (delay == 0) {
++            /* Cleanup has been explicitly disabled, so we won't
++             * schedule any cleanup tasks.
++             */
++            return EOK;
++        }
+ 
+         /* run the first one in a couple of seconds so that we have time to
+          * finish initializations first*/
+-- 
+1.7.3.2
+
diff --git a/sssd.spec b/sssd.spec
index 3e5578c..c1b757c 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -5,7 +5,7 @@
 
 Name: sssd
 Version: 1.4.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
@@ -15,6 +15,9 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 ### Patches ###
 
+Patch0001: 0001-Log-startup-errors-to-syslog.patch
+Patch0002: 0002-Properly-document-ldap_purge_cache_timeout.patch
+
 ### Dependencies ###
 
 Requires: libldb >= 0.9.3
@@ -93,6 +96,9 @@ service.
 %prep
 %setup -q
 
+%patch0001 -p1
+%patch0002 -p1
+
 %build
 %configure \
     --with-db-path=%{dbpath} \
@@ -233,6 +239,10 @@ fi
 %postun client -p /sbin/ldconfig
 
 %changelog
+* Tue Nov 16 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.4.1-2
+- Log startup errors to the syslog
+- Allow cache cleanup to be disabled in sssd.conf
+
 * Mon Nov 01 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.4.1-1
 - New upstream release 1.4.1
 - Add support for netgroups to the proxy provider

More information about the scm-commits mailing list