|
 |
9f2ebf |
From f23a358915cfa27669c019fe0df21cce8851459e Mon Sep 17 00:00:00 2001
|
|
|
9f2ebf |
From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
|
|
|
9f2ebf |
Date: Thu, 19 Oct 2017 16:42:19 +0200
|
|
|
9f2ebf |
Subject: [PATCH 02/21] NSS: Specify memcache_timeout=0 semantics
|
|
|
9f2ebf |
MIME-Version: 1.0
|
|
|
9f2ebf |
Content-Type: text/plain; charset=UTF-8
|
|
|
9f2ebf |
Content-Transfer-Encoding: 8bit
|
|
|
9f2ebf |
|
|
|
9f2ebf |
With this patch the memcache files will not be created when
|
|
|
9f2ebf |
memcache_timeout is set to zero.
|
|
|
9f2ebf |
|
|
|
9f2ebf |
Resolves:
|
|
|
9f2ebf |
https://pagure.io/SSSD/sssd/issue/3496
|
|
|
9f2ebf |
|
|
|
9f2ebf |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
9f2ebf |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
9f2ebf |
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
|
|
|
9f2ebf |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
9f2ebf |
(cherry picked from commit ffe29e570a9e885c2f0061c34bb6be2bbd6ab9e4)
|
|
|
9f2ebf |
---
|
|
|
9f2ebf |
src/responder/nss/nsssrv.c | 6 ++++
|
|
|
9f2ebf |
src/tests/intg/test_memory_cache.py | 59 +++++++++++++++++++++++++++++++++++++
|
|
|
9f2ebf |
2 files changed, 65 insertions(+)
|
|
|
9f2ebf |
|
|
|
9f2ebf |
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
|
|
|
9f2ebf |
index 21dd198226da6cf14d7db4941806048662970fed..32bfcd69bbb9b35e9932b70a826c4f99ab6a07f3 100644
|
|
|
9f2ebf |
--- a/src/responder/nss/nsssrv.c
|
|
|
9f2ebf |
+++ b/src/responder/nss/nsssrv.c
|
|
|
9f2ebf |
@@ -277,6 +277,12 @@ static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
9f2ebf |
return ret;
|
|
|
9f2ebf |
}
|
|
|
9f2ebf |
|
|
|
9f2ebf |
+ if (memcache_timeout == 0) {
|
|
|
9f2ebf |
+ DEBUG(SSSDBG_CONF_SETTINGS,
|
|
|
9f2ebf |
+ "Fast in-memory cache will not be initialized.");
|
|
|
9f2ebf |
+ return EOK;
|
|
|
9f2ebf |
+ }
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
/* TODO: read cache sizes from configuration */
|
|
|
9f2ebf |
ret = sss_mmap_cache_init(nctx, "passwd", SSS_MC_PASSWD,
|
|
|
9f2ebf |
SSS_MC_CACHE_ELEMENTS, (time_t)memcache_timeout,
|
|
|
9f2ebf |
diff --git a/src/tests/intg/test_memory_cache.py b/src/tests/intg/test_memory_cache.py
|
|
|
9f2ebf |
index c7ba72490174a6ec2257f9d317ac96b35c674779..cac9feb00459957650c5e455db1b2712e17ccd68 100644
|
|
|
9f2ebf |
--- a/src/tests/intg/test_memory_cache.py
|
|
|
9f2ebf |
+++ b/src/tests/intg/test_memory_cache.py
|
|
|
9f2ebf |
@@ -207,6 +207,32 @@ def fqname_case_insensitive_rfc2307(request, ldap_conn):
|
|
|
9f2ebf |
return None
|
|
|
9f2ebf |
|
|
|
9f2ebf |
|
|
|
9f2ebf |
+@pytest.fixture
|
|
|
9f2ebf |
+def zero_timeout_rfc2307(request, ldap_conn):
|
|
|
9f2ebf |
+ load_data_to_ldap(request, ldap_conn)
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ conf = unindent("""\
|
|
|
9f2ebf |
+ [sssd]
|
|
|
9f2ebf |
+ domains = LDAP
|
|
|
9f2ebf |
+ services = nss
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ [nss]
|
|
|
9f2ebf |
+ memcache_timeout = 0
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ [domain/LDAP]
|
|
|
9f2ebf |
+ ldap_auth_disable_tls_never_use_in_production = true
|
|
|
9f2ebf |
+ ldap_schema = rfc2307
|
|
|
9f2ebf |
+ id_provider = ldap
|
|
|
9f2ebf |
+ auth_provider = ldap
|
|
|
9f2ebf |
+ sudo_provider = ldap
|
|
|
9f2ebf |
+ ldap_uri = {ldap_conn.ds_inst.ldap_url}
|
|
|
9f2ebf |
+ ldap_search_base = {ldap_conn.ds_inst.base_dn}
|
|
|
9f2ebf |
+ """).format(**locals())
|
|
|
9f2ebf |
+ create_conf_fixture(request, conf)
|
|
|
9f2ebf |
+ create_sssd_fixture(request)
|
|
|
9f2ebf |
+ return None
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
def test_getpwnam(ldap_conn, sanity_rfc2307):
|
|
|
9f2ebf |
ent.assert_passwd_by_name(
|
|
|
9f2ebf |
'user1',
|
|
|
9f2ebf |
@@ -778,3 +804,36 @@ def test_removed_mc(ldap_conn, sanity_rfc2307):
|
|
|
9f2ebf |
grp.getgrnam('group1')
|
|
|
9f2ebf |
with pytest.raises(KeyError):
|
|
|
9f2ebf |
grp.getgrgid(2001)
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+def test_mc_zero_timeout(ldap_conn, zero_timeout_rfc2307):
|
|
|
9f2ebf |
+ """
|
|
|
9f2ebf |
+ Test that the memory cache is not created at all with memcache_timeout=0
|
|
|
9f2ebf |
+ """
|
|
|
9f2ebf |
+ # No memory cache files must be created
|
|
|
9f2ebf |
+ assert len(os.listdir(config.MCACHE_PATH)) == 0
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ ent.assert_passwd_by_name(
|
|
|
9f2ebf |
+ 'user1',
|
|
|
9f2ebf |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
9f2ebf |
+ gecos='1001', shell='/bin/bash'))
|
|
|
9f2ebf |
+ ent.assert_passwd_by_uid(
|
|
|
9f2ebf |
+ 1001,
|
|
|
9f2ebf |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
9f2ebf |
+ gecos='1001', shell='/bin/bash'))
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ ent.assert_group_by_name("group1", dict(name="group1", gid=2001))
|
|
|
9f2ebf |
+ ent.assert_group_by_gid(2001, dict(name="group1", gid=2001))
|
|
|
9f2ebf |
+ stop_sssd()
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ # sssd is stopped; so the memory cache should not be used
|
|
|
9f2ebf |
+ # in long living clients (py.test in this case)
|
|
|
9f2ebf |
+ with pytest.raises(KeyError):
|
|
|
9f2ebf |
+ pwd.getpwnam('user1')
|
|
|
9f2ebf |
+ with pytest.raises(KeyError):
|
|
|
9f2ebf |
+ pwd.getpwuid(1001)
|
|
|
9f2ebf |
+
|
|
|
9f2ebf |
+ with pytest.raises(KeyError):
|
|
|
9f2ebf |
+ grp.getgrnam('group1')
|
|
|
9f2ebf |
+ with pytest.raises(KeyError):
|
|
|
9f2ebf |
+ grp.getgrgid(2001)
|
|
|
9f2ebf |
--
|
|
|
9f2ebf |
2.13.5
|
|
|
9f2ebf |
|