|
 |
0ff280 |
From b7f31936e21b109b5446c48513619cd87974be54 Mon Sep 17 00:00:00 2001
|
|
|
0ff280 |
From: Alexey Tikhonov <atikhono@redhat.com>
|
|
|
0ff280 |
Date: Tue, 31 Mar 2020 22:57:25 +0200
|
|
|
0ff280 |
Subject: [PATCH 33/35] NSS: make memcache size configurable in megabytes
|
|
|
0ff280 |
|
|
|
0ff280 |
Memcache size was made configurable in megabytes and not in slots
|
|
|
0ff280 |
to hide internal implementation from users.
|
|
|
0ff280 |
|
|
|
0ff280 |
Relates: https://github.com/SSSD/sssd/issues/5115
|
|
|
0ff280 |
|
|
|
0ff280 |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
0ff280 |
---
|
|
|
0ff280 |
src/config/SSSDConfig/sssdoptions.py | 6 ++---
|
|
|
0ff280 |
src/man/sssd.conf.5.xml | 33 +++++++++++++---------------
|
|
|
0ff280 |
src/responder/nss/nsssrv.c | 20 +++++++++--------
|
|
|
0ff280 |
3 files changed, 29 insertions(+), 30 deletions(-)
|
|
|
0ff280 |
|
|
|
0ff280 |
diff --git a/src/config/SSSDConfig/sssdoptions.py b/src/config/SSSDConfig/sssdoptions.py
|
|
|
0ff280 |
index 16d85cfa3..f57ad4b41 100644
|
|
|
0ff280 |
--- a/src/config/SSSDConfig/sssdoptions.py
|
|
|
0ff280 |
+++ b/src/config/SSSDConfig/sssdoptions.py
|
|
|
0ff280 |
@@ -72,9 +72,9 @@ class SSSDOptions(object):
|
|
|
0ff280 |
'shell_fallback': _('If a shell stored in central directory is allowed but not available, use this fallback'),
|
|
|
0ff280 |
'default_shell': _('Shell to use if the provider does not list one'),
|
|
|
0ff280 |
'memcache_timeout': _('How long will be in-memory cache records valid'),
|
|
|
0ff280 |
- 'memcache_size_passwd': _('Number of slots in fast in-memory cache for passwd requests'),
|
|
|
0ff280 |
- 'memcache_size_group': _('Number of slots in fast in-memory cache for group requests'),
|
|
|
0ff280 |
- 'memcache_size_initgroups': _('Number of slots in fast in-memory cache for initgroups requests'),
|
|
|
0ff280 |
+ 'memcache_size_passwd': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for passwd requests'),
|
|
|
0ff280 |
+ 'memcache_size_group': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for group requests'),
|
|
|
0ff280 |
+ 'memcache_size_initgroups': _('Size (in megabytes) of the data table allocated inside fast in-memory cache for initgroups requests'),
|
|
|
0ff280 |
'homedir_substring': _('The value of this option will be used in the expansion of the override_homedir option '
|
|
|
0ff280 |
'if the template contains the format string %H.'),
|
|
|
0ff280 |
'get_domains_timeout': _('Specifies time in seconds for which the list of subdomains will be considered '
|
|
|
0ff280 |
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
|
|
|
0ff280 |
index 9bc2e26e5..874a09c49 100644
|
|
|
0ff280 |
--- a/src/man/sssd.conf.5.xml
|
|
|
0ff280 |
+++ b/src/man/sssd.conf.5.xml
|
|
|
0ff280 |
@@ -1076,7 +1076,7 @@ fallback_homedir = /home/%u
|
|
|
0ff280 |
</listitem>
|
|
|
0ff280 |
</varlistentry>
|
|
|
0ff280 |
<varlistentry>
|
|
|
0ff280 |
- <term>memcache_timeout (int)</term>
|
|
|
0ff280 |
+ <term>memcache_timeout (integer)</term>
|
|
|
0ff280 |
<listitem>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
Specifies time in seconds for which records
|
|
|
0ff280 |
@@ -1104,14 +1104,13 @@ fallback_homedir = /home/%u
|
|
|
0ff280 |
<term>memcache_size_passwd (integer)</term>
|
|
|
0ff280 |
<listitem>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
- Number of slots allocated inside fast in-memory
|
|
|
0ff280 |
- cache for passwd requests. Note that one entry
|
|
|
0ff280 |
- in fast in-memory cache can occupy more than one slot.
|
|
|
0ff280 |
- Setting the size to 0 will disable the passwd in-memory
|
|
|
0ff280 |
- cache.
|
|
|
0ff280 |
+ Size (in megabytes) of the data table allocated inside
|
|
|
0ff280 |
+ fast in-memory cache for passwd requests.
|
|
|
0ff280 |
+ Setting the size to 0 will disable the passwd
|
|
|
0ff280 |
+ in-memory cache.
|
|
|
0ff280 |
</para>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
- Default: 200000
|
|
|
0ff280 |
+ Default: 8
|
|
|
0ff280 |
</para>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
WARNING: Disabled or too small in-memory cache can
|
|
|
0ff280 |
@@ -1130,14 +1129,13 @@ fallback_homedir = /home/%u
|
|
|
0ff280 |
<term>memcache_size_group (integer)</term>
|
|
|
0ff280 |
<listitem>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
- Number of slots allocated inside fast in-memory
|
|
|
0ff280 |
- cache for group requests. Note that one entry
|
|
|
0ff280 |
- in fast in-memory cache can occupy more than one
|
|
|
0ff280 |
- slot. Setting the size to 0 will disable the group
|
|
|
0ff280 |
+ Size (in megabytes) of the data table allocated inside
|
|
|
0ff280 |
+ fast in-memory cache for group requests.
|
|
|
0ff280 |
+ Setting the size to 0 will disable the group
|
|
|
0ff280 |
in-memory cache.
|
|
|
0ff280 |
</para>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
- Default: 150000
|
|
|
0ff280 |
+ Default: 6
|
|
|
0ff280 |
</para>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
WARNING: Disabled or too small in-memory cache can
|
|
|
0ff280 |
@@ -1156,14 +1154,13 @@ fallback_homedir = /home/%u
|
|
|
0ff280 |
<term>memcache_size_initgroups (integer)</term>
|
|
|
0ff280 |
<listitem>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
- Number of slots allocated inside fast in-memory
|
|
|
0ff280 |
- cache for initgroups requests. Note that one entry
|
|
|
0ff280 |
- in fast in-memory cache can occupy more than one
|
|
|
0ff280 |
- slot. Setting the size to 0 will disable the
|
|
|
0ff280 |
- initgroups in-memory cache.
|
|
|
0ff280 |
+ Size (in megabytes) of the data table allocated inside
|
|
|
0ff280 |
+ fast in-memory cache for initgroups requests.
|
|
|
0ff280 |
+ Setting the size to 0 will disable the initgroups
|
|
|
0ff280 |
+ in-memory cache.
|
|
|
0ff280 |
</para>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
- Default: 250000
|
|
|
0ff280 |
+ Default: 10
|
|
|
0ff280 |
</para>
|
|
|
0ff280 |
<para>
|
|
|
0ff280 |
WARNING: Disabled or too small in-memory cache can
|
|
|
0ff280 |
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
|
|
|
0ff280 |
index 42a63d9bb..741e94aaa 100644
|
|
|
0ff280 |
--- a/src/responder/nss/nsssrv.c
|
|
|
0ff280 |
+++ b/src/responder/nss/nsssrv.c
|
|
|
0ff280 |
@@ -34,6 +34,7 @@
|
|
|
0ff280 |
|
|
|
0ff280 |
#include "util/util.h"
|
|
|
0ff280 |
#include "util/sss_ptr_hash.h"
|
|
|
0ff280 |
+#include "util/mmap_cache.h"
|
|
|
0ff280 |
#include "responder/nss/nss_private.h"
|
|
|
0ff280 |
#include "responder/nss/nss_iface.h"
|
|
|
0ff280 |
#include "responder/nss/nsssrv_mmap_cache.h"
|
|
|
0ff280 |
@@ -210,9 +211,10 @@ done:
|
|
|
0ff280 |
static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
0ff280 |
{
|
|
|
0ff280 |
/* Default memcache sizes */
|
|
|
0ff280 |
- static const size_t SSS_MC_CACHE_PASSWD_SLOTS = 200000; /* 8mb */
|
|
|
0ff280 |
- static const size_t SSS_MC_CACHE_GROUP_SLOTS = 150000; /* 6mb */
|
|
|
0ff280 |
- static const size_t SSS_MC_CACHE_INITGROUP_SLOTS = 250000; /* 10mb */
|
|
|
0ff280 |
+ static const size_t SSS_MC_CACHE_SLOTS_PER_MB = 1024*1024/MC_SLOT_SIZE;
|
|
|
0ff280 |
+ static const size_t SSS_MC_CACHE_PASSWD_SIZE = 8;
|
|
|
0ff280 |
+ static const size_t SSS_MC_CACHE_GROUP_SIZE = 6;
|
|
|
0ff280 |
+ static const size_t SSS_MC_CACHE_INITGROUP_SIZE = 10;
|
|
|
0ff280 |
|
|
|
0ff280 |
int ret;
|
|
|
0ff280 |
int memcache_timeout;
|
|
|
0ff280 |
@@ -251,7 +253,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
0ff280 |
ret = confdb_get_int(nctx->rctx->cdb,
|
|
|
0ff280 |
CONFDB_NSS_CONF_ENTRY,
|
|
|
0ff280 |
CONFDB_NSS_MEMCACHE_SIZE_PASSWD,
|
|
|
0ff280 |
- SSS_MC_CACHE_PASSWD_SLOTS,
|
|
|
0ff280 |
+ SSS_MC_CACHE_PASSWD_SIZE,
|
|
|
0ff280 |
&mc_size_passwd);
|
|
|
0ff280 |
if (ret != EOK) {
|
|
|
0ff280 |
DEBUG(SSSDBG_FATAL_FAILURE,
|
|
|
0ff280 |
@@ -263,7 +265,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
0ff280 |
ret = confdb_get_int(nctx->rctx->cdb,
|
|
|
0ff280 |
CONFDB_NSS_CONF_ENTRY,
|
|
|
0ff280 |
CONFDB_NSS_MEMCACHE_SIZE_GROUP,
|
|
|
0ff280 |
- SSS_MC_CACHE_GROUP_SLOTS,
|
|
|
0ff280 |
+ SSS_MC_CACHE_GROUP_SIZE,
|
|
|
0ff280 |
&mc_size_group);
|
|
|
0ff280 |
if (ret != EOK) {
|
|
|
0ff280 |
DEBUG(SSSDBG_FATAL_FAILURE,
|
|
|
0ff280 |
@@ -275,7 +277,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
0ff280 |
ret = confdb_get_int(nctx->rctx->cdb,
|
|
|
0ff280 |
CONFDB_NSS_CONF_ENTRY,
|
|
|
0ff280 |
CONFDB_NSS_MEMCACHE_SIZE_INITGROUPS,
|
|
|
0ff280 |
- SSS_MC_CACHE_INITGROUP_SLOTS,
|
|
|
0ff280 |
+ SSS_MC_CACHE_INITGROUP_SIZE,
|
|
|
0ff280 |
&mc_size_initgroups);
|
|
|
0ff280 |
if (ret != EOK) {
|
|
|
0ff280 |
DEBUG(SSSDBG_FATAL_FAILURE,
|
|
|
0ff280 |
@@ -290,7 +292,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
0ff280 |
ret = sss_mmap_cache_init(nctx, "passwd",
|
|
|
0ff280 |
nctx->mc_uid, nctx->mc_gid,
|
|
|
0ff280 |
SSS_MC_PASSWD,
|
|
|
0ff280 |
- mc_size_passwd,
|
|
|
0ff280 |
+ mc_size_passwd * SSS_MC_CACHE_SLOTS_PER_MB,
|
|
|
0ff280 |
(time_t)memcache_timeout,
|
|
|
0ff280 |
&nctx->pwd_mc_ctx);
|
|
|
0ff280 |
if (ret) {
|
|
|
0ff280 |
@@ -310,7 +312,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
0ff280 |
ret = sss_mmap_cache_init(nctx, "group",
|
|
|
0ff280 |
nctx->mc_uid, nctx->mc_gid,
|
|
|
0ff280 |
SSS_MC_GROUP,
|
|
|
0ff280 |
- mc_size_group,
|
|
|
0ff280 |
+ mc_size_group * SSS_MC_CACHE_SLOTS_PER_MB,
|
|
|
0ff280 |
(time_t)memcache_timeout,
|
|
|
0ff280 |
&nctx->grp_mc_ctx);
|
|
|
0ff280 |
if (ret) {
|
|
|
0ff280 |
@@ -330,7 +332,7 @@ static int setup_memcaches(struct nss_ctx *nctx)
|
|
|
0ff280 |
ret = sss_mmap_cache_init(nctx, "initgroups",
|
|
|
0ff280 |
nctx->mc_uid, nctx->mc_gid,
|
|
|
0ff280 |
SSS_MC_INITGROUPS,
|
|
|
0ff280 |
- mc_size_initgroups,
|
|
|
0ff280 |
+ mc_size_initgroups * SSS_MC_CACHE_SLOTS_PER_MB,
|
|
|
0ff280 |
(time_t)memcache_timeout,
|
|
|
0ff280 |
&nctx->initgr_mc_ctx);
|
|
|
0ff280 |
if (ret) {
|
|
|
0ff280 |
--
|
|
|
0ff280 |
2.21.3
|
|
|
0ff280 |
|