[Freeipa-devel] [PATCH 0044] Periodically refresh global ipa-kdb configuration
Jan Pazdziora
jpazdziora at redhat.com
Tue Mar 11 13:45:20 UTC 2014
On Mon, Feb 24, 2014 at 02:26:27PM -0500, Nathaniel McCallum wrote:
> Before this patch, ipa-kdb would load global configuration on startup
> and never update it. This means that if global configuration is changed,
> the KDC never receives the new configuration until it is restarted.
>
> This patch enables caching of the global configuration with a timeout of
> 60 seconds.
>
> https://fedorahosted.org/freeipa/ticket/4153
> >From 7daeae56671d7b3049b0341aad66c96877431bbe Mon Sep 17 00:00:00 2001
> From: Nathaniel McCallum <npmccallum at redhat.com>
> Date: Mon, 24 Feb 2014 14:19:13 -0500
> Subject: [PATCH] Periodically refresh global ipa-kdb configuration
>
> Before this patch, ipa-kdb would load global configuration on startup and
> never update it. This means that if global configuration is changed, the
> KDC never receives the new configuration until it is restarted.
>
> This patch enables caching of the global configuration with a timeout of
> 60 seconds.
>
> https://fedorahosted.org/freeipa/ticket/4153
I have only read the code and it looks sane, so depending on how much
you consider my word about code-reading worth, ack.
However, my gut feeling is that my preferred way of handling the issue
(without knowing much about the background of the ticket) would
probably be a HUP signal handler or something similar, rather than
polling for current values with the value timeout. This patch
introduces small nondeterminism to the behaviour when the usage of the
new values cannot really be enfoced by the admin (without the daemon
restart).
--
Jan Pazdziora
Principal Software Engineer, Identity Management Engineering, Red Hat
More information about the Freeipa-devel
mailing list