From 8d0b8a15a56f1fd12655e838cc17004d12dff8dd Mon Sep 17 00:00:00 2001

From: Pavel Reichl <preichl@redhat.com>

Date: Thu, 30 Oct 2014 16:50:27 +0000

Subject: [PATCH 52/64] CONFDB: Detect&fix misconf opt refresh_expired_interval

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

Related to:

https://fedorahosted.org/sssd/ticket/2102

Reviewed-by: Pavel Březina <pbrezina@redhat.com>

---

 src/confdb/confdb.c | 15 +++++++++++++++

 1 file changed, 15 insertions(+)

diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c

index 8443fe5539e1fd7b6deee6dca7cc689868933757..c55a945a4d3ab4b4070963889a8421d7c78bcad7 100644

--- a/src/confdb/confdb.c

+++ b/src/confdb/confdb.c

@@ -1058,6 +1058,21 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,

         goto done;

     }

+    /* detect and fix misconfiguration */

+    if (domain->refresh_expired_interval > entry_cache_timeout) {

+        DEBUG(SSSDBG_CONF_SETTINGS,

+              "refresh_expired_interval (%d) cannot be greater then "

+              "entry_cache_timeout (%u)\n",

+              domain->refresh_expired_interval, entry_cache_timeout);

+

+        domain->refresh_expired_interval = 0.75 * entry_cache_timeout;

+

+        DEBUG(SSSDBG_CONF_SETTINGS,

+              "refresh_expired_interval is being set to recommended value "

+              "entry_cache_timeout * 0.75 (%u).\n",

+              domain->refresh_expired_interval);

+    }

+

     /* Set the PAM warning time, if specified. If not specified, pass on

      * the "not set" value of "-1" which means "use provider default". The

      * value 0 means "always display the warning if server sends one" */

-- 

1.9.3