diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2013-07-26 15:05:40 +0200 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2013-07-26 15:05:40 +0200 |
| commit | 7c85202ab49b005bf4a4fe5113ccaa9b25b584f9 (patch) | |
| tree | 56229ff26cd878176707d9672fe65148b6073c5a | |
| parent | d2e2e400e79c94c2e60f21ec61811dfe948924cc (diff) | |
| parent | e1b0399ee018d217cd50267cef03c28dfdb32fbf (diff) | |
Make cache invalidation more generic
This changes the nscd_invalidate option into a more generic
reconnect_invalidate and also allows clearing the nfsidmap cache.
| -rw-r--r-- | man/nslcd.conf.5.xml | 20 | ||||
| -rw-r--r-- | nslcd/Makefile.am | 2 | ||||
| -rw-r--r-- | nslcd/attmap.c | 3 | ||||
| -rw-r--r-- | nslcd/cfg.c | 15 | ||||
| -rw-r--r-- | nslcd/cfg.h | 3 | ||||
| -rw-r--r-- | nslcd/common.h | 8 | ||||
| -rw-r--r-- | nslcd/invalidator.c (renamed from nslcd/nscd.c) | 87 | ||||
| -rw-r--r-- | nslcd/myldap.c | 4 | ||||
| -rw-r--r-- | nslcd/nslcd.c | 6 | ||||
| -rw-r--r-- | pynslcd/Makefile.am | 2 | ||||
| -rw-r--r-- | pynslcd/cfg.py | 10 | ||||
| -rw-r--r-- | pynslcd/invalidator.py (renamed from pynslcd/nscd.py) | 38 | ||||
| -rwxr-xr-x | pynslcd/pynslcd.py | 8 | ||||
| -rw-r--r-- | pynslcd/search.py | 4 | ||||
| -rw-r--r-- | tests/Makefile.am | 2 |
15 files changed, 122 insertions, 90 deletions
diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml index 87d21f8..482ad7b 100644 --- a/man/nslcd.conf.5.xml +++ b/man/nslcd.conf.5.xml @@ -818,20 +818,28 @@ </listitem> </varlistentry> - <varlistentry id="nscd_invalidate"> <!-- since 0.9.0 --> - <term><option>nscd_invalidate</option> + <varlistentry id="reconnect_invalidate"> <!-- since 0.9.1, was nscd_invalidate in 0.9.0 --> + <term><option>reconnect_invalidate</option> <replaceable>DB</replaceable>,<replaceable>DB</replaceable>,...</term> <listitem> <para> If this option is set, on start-up and whenever a connection to the <acronym>LDAP</acronym> server is re-established after an error + the specified cache is flushed. + </para> + <para> + If <replaceable>DB</replaceable> is one of the nsswitch maps, <command>nscd</command> is contacted to flush it's cache for the - configured databases. + specified database. + </para> + <para> <!-- since 0.9.1 --> + If <replaceable>DB</replaceable> is <literal>nfsidmap</literal>, + <command>nfsidmap</command> to contacted to clear it's cache. </para> <para> - Using this option ensures that <command>nscd</command> is not - caching absence of users that were not available if the LDAP server - was unavailable. + Using this option ensures that external caches are cleared of + information (typically the absence of users) while the + <acronym>LDAP</acronym> server was unavailable. </para> </listitem> </varlistentry> diff --git a/nslcd/Makefile.am b/nslcd/Makefile.am index 60560f8..4346f21 100644 --- a/nslcd/Makefile.am +++ b/nslcd/Makefile.am @@ -30,7 +30,7 @@ nslcd_SOURCES = nslcd.c ../nslcd.h ../common/nslcd-prot.h \ myldap.c myldap.h \ cfg.c cfg.h \ attmap.c attmap.h \ - nsswitch.c nscd.c \ + nsswitch.c invalidator.c \ config.c alias.c ether.c group.c host.c netgroup.c network.c \ passwd.c protocol.c rpc.c service.c shadow.c pam.c usermod.c nslcd_LDADD = ../common/libtio.a ../common/libdict.a \ diff --git a/nslcd/attmap.c b/nslcd/attmap.c index 2480096..08130fa 100644 --- a/nslcd/attmap.c +++ b/nslcd/attmap.c @@ -57,6 +57,7 @@ const char **base_get_var(enum ldap_map_selector map) case LM_RPC: return rpc_bases; case LM_SERVICES: return service_bases; case LM_SHADOW: return shadow_bases; + case LM_NFSIDMAP: case LM_NONE: default: return NULL; } @@ -90,6 +91,7 @@ int *scope_get_var(enum ldap_map_selector map) case LM_RPC: return &rpc_scope; case LM_SERVICES: return &service_scope; case LM_SHADOW: return &shadow_scope; + case LM_NFSIDMAP: case LM_NONE: default: return NULL; } @@ -123,6 +125,7 @@ const char **filter_get_var(enum ldap_map_selector map) case LM_RPC: return &rpc_filter; case LM_SERVICES: return &service_filter; case LM_SHADOW: return &shadow_filter; + case LM_NFSIDMAP: case LM_NONE: default: return NULL; } diff --git a/nslcd/cfg.c b/nslcd/cfg.c index 056b6e2..ec1237c 100644 --- a/nslcd/cfg.c +++ b/nslcd/cfg.c @@ -527,6 +527,7 @@ static const char *print_map(enum ldap_map_selector map) case LM_RPC: return "rpc"; case LM_SERVICES: return "services"; case LM_SHADOW: return "shadow"; + case LM_NFSIDMAP: return "nfsidmap"; case LM_NONE: default: return "???"; } @@ -933,7 +934,7 @@ static void handle_pam_password_prohibit_message( cfg->pam_password_prohibit_message = value; } -static void handle_nscd_invalidate( +static void handle_reconnect_invalidate( const char *filename, int lnr, const char *keyword, char *line, struct ldap_config *cfg) { @@ -962,7 +963,7 @@ static void handle_nscd_invalidate( log_log(LOG_ERR, "%s:%d: unknown map: '%s'", filename, lnr, name); exit(EXIT_FAILURE); } - cfg->nscd_invalidate[map] = 1; + cfg->reconnect_invalidate[map] = 1; } } } @@ -1099,7 +1100,7 @@ static void cfg_defaults(struct ldap_config *cfg) cfg->pam_authz_searches[i] = NULL; cfg->pam_password_prohibit_message = NULL; for (i = 0; i < LM_NONE; i++) - cfg->nscd_invalidate[i] = 0; + cfg->reconnect_invalidate[i] = 0; } static void cfg_read(const char *filename, struct ldap_config *cfg) @@ -1431,9 +1432,9 @@ static void cfg_read(const char *filename, struct ldap_config *cfg) { handle_pam_password_prohibit_message(filename, lnr, keyword, line, cfg); } - else if (strcasecmp(keyword, "nscd_invalidate") == 0) + else if (strcasecmp(keyword, "reconnect_invalidate") == 0) { - handle_nscd_invalidate(filename, lnr, keyword, line, cfg); + handle_reconnect_invalidate(filename, lnr, keyword, line, cfg); } #ifdef ENABLE_CONFIGFILE_CHECKING /* fallthrough */ @@ -1688,14 +1689,14 @@ static void cfg_dump(void) /* build a comma-separated list */ buffer[0] = '\0'; for (i = 0; i < LM_NONE ; i++) - if (nslcd_cfg->nscd_invalidate[i]) + if (nslcd_cfg->reconnect_invalidate[i]) { if (buffer[0] != '\0') strncat(buffer, ",", sizeof(buffer) - 1 - strlen(buffer)); strncat(buffer, print_map(i), sizeof(buffer) - 1 - strlen(buffer)); } if (buffer[0] != '\0') - log_log(LOG_DEBUG, "CFG: nscd_invalidate %s", buffer); + log_log(LOG_DEBUG, "CFG: reconnect_invalidate %s", buffer); } void cfg_init(const char *fname) diff --git a/nslcd/cfg.h b/nslcd/cfg.h index bd53560..65b2058 100644 --- a/nslcd/cfg.h +++ b/nslcd/cfg.h @@ -67,6 +67,7 @@ enum ldap_map_selector { LM_RPC, LM_SERVICES, LM_SHADOW, + LM_NFSIDMAP, /* only used for cache invalidation */ LM_NONE }; @@ -125,7 +126,7 @@ struct ldap_config { int ignorecase; /* whether or not case should be ignored in lookups */ char *pam_authz_searches[NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES]; /* the searches that should be performed to do autorisation checks */ char *pam_password_prohibit_message; /* whether password changing should be denied and user prompted with this message */ - char nscd_invalidate[LM_NONE]; /* set to 1 if the corresponding map should be invalidated */ + char reconnect_invalidate[LM_NONE]; /* set to 1 if the corresponding map should be invalidated */ }; /* this is a pointer to the global configuration, it should be available diff --git a/nslcd/common.h b/nslcd/common.h index a6c2c4d..fce92f6 100644 --- a/nslcd/common.h +++ b/nslcd/common.h @@ -141,11 +141,11 @@ void nsswitch_check_reload(void); int nsswitch_shadow_uses_ldap(void); /* start a child process that holds onto the original privileges with the - sole purpose of running nscd -i commands */ -int nscd_start_invalidator(void); + purpose of running external cache invalidation commands */ +int invalidator_start(void); -/* signal nscd to invalidate the selected map */ -void nscd_invalidate(enum ldap_map_selector map); +/* signal invalidator to invalidate the selected external cache */ +void invalidator_do(enum ldap_map_selector map); /* fallback definition of HOST_NAME_MAX */ #ifndef HOST_NAME_MAX diff --git a/nslcd/nscd.c b/nslcd/invalidator.c index da58c2e..03584eb 100644 --- a/nslcd/nscd.c +++ b/nslcd/invalidator.c @@ -1,5 +1,5 @@ /* - nscd.c - functions for invalidating the nscd cache + invalidator.c - functions for invalidating external caches Copyright (C) 2013 Arthur de Jong @@ -36,7 +36,7 @@ #include "log.h" /* the write end of a pipe that is used to signal the child process - to call nscd to invalidate the cache */ + to invalidate the cache */ static int signalfd = -1; /* we have our own implementation because nscd could use different names */ @@ -55,21 +55,39 @@ static const char *map2name(enum ldap_map_selector map) case LM_RPC: return "rpc"; case LM_SERVICES: return "services"; case LM_SHADOW: return "shadow"; + case LM_NFSIDMAP: return "nfsidmap"; case LM_NONE: default: return NULL; } } -/* invalidate the specified database in nscd */ +/* invalidate the specified database */ static void exec_invalidate(const char *db) { pid_t cpid; int i, status; - char *argv[] = { "nscd", "-i", NULL, NULL }; + char *argv[4]; + char cmdline[80]; #ifdef HAVE_EXECVPE char *newenviron[] = { NULL }; #endif - log_log(LOG_DEBUG, "nscd_invalidator: nscd -i %s", db); + /* build command line */ + if (strcmp(db, "nfsidmap") == 0) + { + argv[0] = "nfsidmap"; + argv[1] = "-c"; + argv[2] = NULL; + } + else + { + argv[0] = "nscd"; + argv[1] = "-i"; + argv[2] = (char *)db; + argv[3] = NULL; + } + mysnprintf(cmdline, 80, "%s %s%s%s", argv[0], argv[1], + argv[2] != NULL ? " " : "", argv[2] != NULL ? argv[2] : ""); + log_log(LOG_DEBUG, "invalidator: %s", cmdline); /* do fork/exec */ switch (cpid=fork()) { @@ -83,18 +101,17 @@ static void exec_invalidate(const char *db) for (; i >= 0; i--) close(i); /* execute command */ - argv[2] = (char *)db; #ifdef HAVE_EXECVPE - execvpe("nscd", argv, newenviron); + execvpe(argv[0], argv, newenviron); #else - execvp("nscd", argv); + execvp(argv[0], argv); #endif /* if we are here there has been an error */ /* we can't log since we don't have any useful file descriptors */ _exit(EXIT_FAILURE); break; case -1: /* we are the parent, but have an error */ - log_log(LOG_ERR, "nscd_invalidator: fork() failed: %s", strerror(errno)); + log_log(LOG_ERR, "invalidator: fork() failed: %s", strerror(errno)); break; default: /* we are the parent */ /* wait for child exit */ @@ -105,39 +122,39 @@ static void exec_invalidate(const char *db) } while ((i < 0) && (errno == EINTR)); if (i < 0) - log_log(LOG_ERR, "nscd_invalidator: waitpid(%d) failed: %s", (int)cpid, strerror(errno)); + log_log(LOG_ERR, "invalidator: waitpid(%d) failed: %s", (int)cpid, strerror(errno)); else if (WIFEXITED(status)) { i = WEXITSTATUS(status); if (i == 0) - log_log(LOG_DEBUG, "nscd_invalidator: nscd -i %s (pid %d) success", - db, (int)cpid); + log_log(LOG_DEBUG, "invalidator: %s (pid %d) success", + cmdline, (int)cpid); else - log_log(LOG_DEBUG, "nscd_invalidator: nscd -i %s (pid %d) failed (%d)", - db, (int)cpid, i); + log_log(LOG_DEBUG, "invalidator: %s (pid %d) failed (%d)", + cmdline, (int)cpid, i); } else if (WIFSIGNALED(status)) { i = WTERMSIG(status); - log_log(LOG_ERR, "nscd_invalidator: nscd -i %s (pid %d) killed by %s (%d)", - db, (int)cpid, signame(i), i); + log_log(LOG_ERR, "invalidator: %s (pid %d) killed by %s (%d)", + cmdline, (int)cpid, signame(i), i); } else - log_log(LOG_ERR, "nscd_invalidator: nscd -i %s (pid %d) had unknown failure", - db, (int)cpid); + log_log(LOG_ERR, "invalidator: %s (pid %d) had unknown failure", + cmdline, (int)cpid); break; } } /* main loop for the invalidator process */ -static void nscd_handle_requests(int fd) +static void handle_requests(int fd) { int i; uint8_t c; const char *db; - log_log(LOG_DEBUG, "nscd_invalidator: starting"); + log_log(LOG_DEBUG, "invalidator: starting"); /* set up environment */ - chdir("/"); + (void)chdir("/"); putenv("PATH=/usr/sbin:/usr/bin:/sbin:/bin"); /* handle incoming requests */ while (1) @@ -145,17 +162,17 @@ static void nscd_handle_requests(int fd) i = read(fd, &c, sizeof(uint8_t)); if (i == 0) { - log_log(LOG_ERR, "nscd_invalidator: EOF"); + log_log(LOG_ERR, "invalidator: EOF"); _exit(EXIT_SUCCESS); } else if (i < 0) { if (errno == EINTR) - log_log(LOG_DEBUG, "nscd_invalidator: read failed (ignored): %s", + log_log(LOG_DEBUG, "invalidator: read failed (ignored): %s", strerror(errno)); else { - log_log(LOG_ERR, "nscd_invalidator: read failed: %s", strerror(errno)); + log_log(LOG_ERR, "invalidator: read failed: %s", strerror(errno)); _exit(EXIT_SUCCESS); } } @@ -163,7 +180,7 @@ static void nscd_handle_requests(int fd) { db = map2name((enum ldap_map_selector)c); if (db == NULL) - log_log(LOG_ERR, "nscd_invalidator: invalid db received"); + log_log(LOG_ERR, "invalidator: invalid db received"); else exec_invalidate(db); } @@ -171,8 +188,8 @@ static void nscd_handle_requests(int fd) } /* start a child process that holds onto the original privileges with the - sole purpose of running nscd -i commands */ -int nscd_start_invalidator(void) + purpose of running external cache invalidation commands */ +int invalidator_start(void) { int pipefds[2]; pid_t cpid; @@ -199,7 +216,7 @@ int nscd_start_invalidator(void) close(pipefds[1]); return -1; } - /* fork a child to perfrom the nscd invalidate commands */ + /* fork a child to perfrom the invalidate commands */ cpid = fork(); if (cpid < 0) { @@ -212,7 +229,7 @@ int nscd_start_invalidator(void) { /* we are the child: close the write end and handle requests */ close(pipefds[1]); - nscd_handle_requests(pipefds[0]); + handle_requests(pipefds[0]); /* the handle function should't return */ _exit(EXIT_FAILURE); } @@ -222,19 +239,19 @@ int nscd_start_invalidator(void) return 0; } -/* signal nscd to invalidate the selected map */ -void nscd_invalidate(enum ldap_map_selector map) +/* signal invalidator to invalidate the selected external cache */ +void invalidator_do(enum ldap_map_selector map) { uint8_t c; int rc; if (signalfd < 0) return; - /* LM_NONE is used to signal all maps condigured in nscd_invalidate */ + /* LM_NONE is used to signal all maps condigured in reconnect_invalidate */ if (map == LM_NONE) { for (map = 0; map < LM_NONE ; map++) - if (nslcd_cfg->nscd_invalidate[map]) - nscd_invalidate(map); + invalidator_do(map); + if (nslcd_cfg->reconnect_invalidate[map]) return; } /* write a single byte which should be atomic and not fill the PIPE @@ -243,6 +260,6 @@ void nscd_invalidate(enum ldap_map_selector map) c = (uint8_t)map; rc = write(signalfd, &c, sizeof(uint8_t)); if (rc <= 0) - log_log(LOG_WARNING, "error signalling nscd invalidator: %s", + log_log(LOG_WARNING, "error signalling invalidator: %s", strerror(errno)); } diff --git a/nslcd/myldap.c b/nslcd/myldap.c index 243ec9e..b2258d4 100644 --- a/nslcd/myldap.c +++ b/nslcd/myldap.c @@ -1197,8 +1197,8 @@ static int do_retry_search(MYLDAP_SEARCH *search) if ((current_uri->lastfail > 0) || (search->session->current_uri != start_uri)) { log_log(LOG_INFO, "connected to LDAP server %s", current_uri->uri); - /* signal nscd cache invalidation */ - nscd_invalidate(LM_NONE); + /* signal external invalidation of configured caches */ + invalidator_do(LM_NONE); } /* update ok time */ current_uri->firstfail = 0; diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c index 0816647..8cc29c6 100644 --- a/nslcd/nslcd.c +++ b/nslcd/nslcd.c @@ -706,12 +706,12 @@ int main(int argc, char *argv[]) if (!nslcd_debugging) log_startlogging(); log_log(LOG_INFO, "version %s starting", VERSION); - /* start subprocess to do nscd invalidating if nscd_invalidate is set */ + /* start subprocess to do invalidating if reconnect_invalidate is set */ for (i = 0; i < LM_NONE; i++) - if (nslcd_cfg->nscd_invalidate[i]) + if (nslcd_cfg->reconnect_invalidate[i]) break; if (i < LM_NONE) - nscd_start_invalidator(); + invalidator_start(); /* write pidfile */ create_pidfile(NSLCD_PIDFILE); /* install handler to close stuff off on exit and log notice */ diff --git a/pynslcd/Makefile.am b/pynslcd/Makefile.am index d0604f4..f96654b 100644 --- a/pynslcd/Makefile.am +++ b/pynslcd/Makefile.am @@ -20,7 +20,7 @@ pynslcddir = $(datadir)/pynslcd pynslcd_PYTHON = pynslcd.py attmap.py cache.py cfg.py common.py expr.py \ - mypidfile.py nscd.py search.py tio.py \ + mypidfile.py invalidator.py search.py tio.py \ alias.py ether.py group.py host.py netgroup.py network.py \ passwd.py protocol.py rpc.py service.py shadow.py pam.py \ usermod.py diff --git a/pynslcd/cfg.py b/pynslcd/cfg.py index a9f1d89..cf9c872 100644 --- a/pynslcd/cfg.py +++ b/pynslcd/cfg.py @@ -85,7 +85,7 @@ nss_nested_groups = False validnames = re.compile(r'^[a-z0-9._@$][a-z0-9._@$ \\~-]{0,98}[a-z0-9._@$~-]$', re.IGNORECASE) pam_authz_searches = [] pam_password_prohibit_message = None # FIXME: add support -nscd_invalidate = set() +reconnect_invalidate = set() # allowed boolean values @@ -311,15 +311,15 @@ def read(filename): flags = 0 | re.IGNORECASE if m.group('flags') == 'i' else 0 validnames = re.compile(m.group('value'), flags=flags) continue - # nscd_invalidate <MAP>,<MAP>,... - m = re.match('nscd_invalidate\s+(?P<value>\S.*)', + # reconnect_invalidate <MAP>,<MAP>,... + m = re.match('reconnect_invalidate\s+(?P<value>\S.*)', line, re.IGNORECASE) if m: dbs = re.split('[ ,]+', m.group('value').lower()) for db in dbs: - if db not in maps: + if db not in maps.keys() + ['nfsidmap']: raise ParseError(filename, lineno, 'map %s unknown' % db) - nscd_invalidate.update(dbs) + reconnect_invalidate.update(dbs) continue # unrecognised line raise ParseError(filename, lineno, 'error parsing line %r' % line) diff --git a/pynslcd/nscd.py b/pynslcd/invalidator.py index acee9a9..98c0783 100644 --- a/pynslcd/nscd.py +++ b/pynslcd/invalidator.py @@ -1,5 +1,5 @@ -# nscd.py - functions for invalidating the nscd cache +# invalidator.py - functions for invalidating external caches # # Copyright (C) 2013 Arthur de Jong # @@ -34,38 +34,38 @@ signalfd = None _db_to_char = dict( aliases='A', ethers='E', group='G', hosts='H', netgroup='U', networks='N', passwd='P', protocols='L', rpc='R', services='V', - shadow='S', + shadow='S', nfsidmap='F', ) _char_to_db = dict((reversed(item) for item in _db_to_char.items())) -def exec_invalidate(db): - logging.debug('nscd_invalidator: nscd -i %s', db) +def exec_invalidate(*args): + cmd = ' '.join(args) + logging.debug('invalidator: %s', cmd) try: - p = subprocess.Popen(['nscd', '-i', db], - bufsize=4096, close_fds=True, + p = subprocess.Popen(args, bufsize=4096, close_fds=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT) output, ignored = p.communicate() if output: output = ': %s' % output[:1024].strip() if p.returncode == 0: - logging.debug('nscd_invalidator: nscd -i %s (pid %d) success%s', - db, p.pid, output) + logging.debug('invalidator: %s (pid %d) success%s', + cmd, p.pid, output) elif p.returncode > 0: - logging.debug('nscd_invalidator: nscd -i %s (pid %d) failed (%d)%s', - db, p.pid, p.returncode, output) + logging.debug('invalidator: %s (pid %d) failed (%d)%s', + cmd, p.pid, p.returncode, output) else: # p.returncode < 0 - logging.error('nscd_invalidator: nscd -i %s (pid %d) killed by signal %d%s', - db, p.pid, -p.returncode, output) + logging.error('invalidator: %s (pid %d) killed by signal %d%s', + cmd, p.pid, -p.returncode, output) except: - logging.warn('nscd_invalidator: nscd -i %s failed', db, exc_info=True) + logging.warn('invalidator: %s failed', cmd, exc_info=True) def loop(fd): # set process title try: import setproctitle - setproctitle.setproctitle('(nscd invalidator)') + setproctitle.setproctitle('(invalidator)') except ImportError: pass # set up clean environment @@ -76,8 +76,10 @@ def loop(fd): if db == '': break # close process down db = _char_to_db.get(db, None) - if db: - exec_invalidate(db) + if db == 'nfsidmap': + exec_invalidate('nfsidmap', '-c') + else if db: + exec_invalidate('nscd', '-i', db) def start_invalidator(): @@ -103,8 +105,8 @@ def invalidate(db=None): if db: db = _db_to_char.get(db, '') else: - db = ''.join(_db_to_char[x] for x in cfg.nscd_invalidate) + db = ''.join(_db_to_char[x] for x in cfg.reconnect_invalidate) try: os.write(signalfd, db) except: - logging.warn('nscd_invalidator: nscd -i %s failed', db, exc_info=True) + logging.warn('requesting invalidation (%s) failed', db, exc_info=True) diff --git a/pynslcd/pynslcd.py b/pynslcd/pynslcd.py index df54bad..4a57155 100755 --- a/pynslcd/pynslcd.py +++ b/pynslcd/pynslcd.py @@ -35,7 +35,7 @@ import cfg import common import constants import mypidfile -import nscd +import invalidator import search @@ -323,9 +323,9 @@ if __name__ == '__main__': logging.getLogger().setLevel(min(level for method, level in cfg.logs)) logging.getLogger().removeHandler(stderrhandler) logging.info('version %s starting', constants.VERSION) - # start nscd sub-process if needed - if cfg.nscd_invalidate: - nscd.start_invalidator() + # start invalidator sub-process if needed + if cfg.invalidator_invalidate: + invalidator.start_invalidator() # create socket nslcd_serversocket = create_socket() # load supplementary groups diff --git a/pynslcd/search.py b/pynslcd/search.py index 3db6e9d..f8c82fb 100644 --- a/pynslcd/search.py +++ b/pynslcd/search.py @@ -55,9 +55,9 @@ class Connection(ldap.ldapobject.ReconnectLDAPObject): self.set_option(ldap.OPT_X_TLS, ldap.OPT_X_TLS_HARD) def reconnect_after_fail(self): - import nscd + import invalidator logging.info('connected to LDAP server %s', cfg.uri) - nscd.invalidate() + invalidator.invalidate() def search_s(self, *args, **kwargs): # wrapper function to keep the global server_error state diff --git a/tests/Makefile.am b/tests/Makefile.am index b8990a9..13d34fc 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -55,7 +55,7 @@ test_getpeercred_SOURCES = test_getpeercred.c common.h test_getpeercred_LDADD = ../compat/libcompat.a # common objects that are included for the tests of nslcd functionality -common_nslcd_LDADD = ../nslcd/log.o ../nslcd/common.o ../nslcd/nscd.o \ +common_nslcd_LDADD = ../nslcd/log.o ../nslcd/common.o ../nslcd/invalidator.o \ ../nslcd/myldap.o ../nslcd/attmap.o ../nslcd/nsswitch.o \ ../nslcd/alias.o ../nslcd/ether.o ../nslcd/group.o \ ../nslcd/host.o ../nslcd/netgroup.o ../nslcd/network.o \ |