On Wed, Dec 08, 2010 at 04:29:43PM -0500, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Patch 0001: Add sysdb_has_enumerated and sysdb_set_enumerated helper
functions
Patch 0002: Start first enumeration immediately
Previously, we would wait for ten seconds before starting an
enumeration. However, this meant that on the first startup (before
we had run our first enumeration) there was a ten-second window
where clients would immediately get back a response with no
entries instead of blocking until the enumeration completed.
With this patch, SSSD will now run an enumeration immediately upon
startup. Further startups will retain the ten-second delay so as
not to slow down system bootups.
This patch works as expected, but I'm not sure that it fixes original
issue, because there is still a window, although 10s shorter, where the
cache is empty and a 'getent passwd' call will return immediately
without any data. This window can be quite large if the LDAP server is
slow or there are a lot of users and groups to enumerate.
If there was a 'getent passwd' call during the initial enumeration it
looks that new 'getent passwd' still return nothing until
enum_cache_timeout is over.
So maybe if we do not want to block the early enumeration request we
should not set the timeout until the cache if filled.
bye,
Sumit
Fixes
https://fedorahosted.org/sssd/ticket/616
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAkz/+McACgkQeiVVYja6o6MjTgCdHQWbZOOKtcURTbl29PV/YR0u
j7wAoKAm7stVwQT89xdz3vZyN/w6vMZU
=xOOZ
-----END PGP SIGNATURE-----