freeipa/client
Rob Crittenden b842b825ab Make the schema cache TTL user-configurable
The API schema is not checked for changes until after a TTL
is expired. A one-hour TTL was hardcoded which makes development
tedious because the only way to force a schema update is to
remember to remove files between invocations.

This adds a new environment variable, schema_ttl, to configure
the TTL returned by the server to schema() calls. This can be
set low to ensure a frequent refresh during development.

If the client is in compat mode, that is if client is working
against a server that doesn't support the schema() command,
then use the client's schema_ttl instead so that the user still
has control.

Re-check validity before writing the cache. This saves us both
a disk write and the possibility of updating the expiration
with a ttl of 0. This can happen if the fingerprint is still
valid (not expired, no language change) the schema check is
skipped so we have no server-provided ttl.

https://pagure.io/freeipa/issue/8492

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Stanislav Levin <slev@altlinux.org>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2021-11-03 10:59:10 +01:00
..
man Make the schema cache TTL user-configurable 2021-11-03 10:59:10 +01:00
share Create IPA ssh client configuration and move ProxyCommand 2020-11-23 09:04:27 +01:00
sysconfig Increase default debug level of certmonger 2019-06-24 10:00:37 +02:00
systemd systemd: enforce en_US.UTF-8 locale in systemd units 2020-12-10 14:38:05 +02:00
certbot-dns-ipa.in dnspython: Add compatibility shim 2020-08-31 09:46:03 +03:00
config.c Fix ressource leak in client/config.c get_config_entry 2018-10-23 16:45:22 +02:00
ipa-certupdate.in Replace PYTHONSHEBANG with valid shebang 2019-06-24 09:35:57 +02:00
ipa-client-automount.in Introduce minimal ipa-client-automount.in and ipactl.in 2019-06-28 10:53:07 +02:00
ipa-client-common.c Split ipa-client/ into ipaclient/ (Python library) and client/ (C, scripts) 2016-01-27 12:09:02 +01:00
ipa-client-common.h ipa-join: switch to jansson for json handling 2020-07-09 14:17:47 +03:00
ipa-client-install.in Replace PYTHONSHEBANG with valid shebang 2019-06-24 09:35:57 +02:00
ipa-client-samba.in ipa-client-samba: a tool to configure Samba domain member on IPA client 2019-06-29 11:00:28 +03:00
ipa-epn.in IPA-EPN: First version. 2020-06-09 08:43:45 +02:00
ipa-getkeytab.c ipa-getkeytab: fix compiler warnings 2021-07-30 08:45:08 -04:00
ipa-join.c Easier to use ipa_gethostfqdn() 2020-10-26 17:11:19 +11:00
ipa-rmkeytab.c ipa-rmkeytab: Check return value of krb5_kt_(start|end)_seq_get 2021-01-15 14:06:53 +01:00
Makefile.am ipa-getkeytab: add option to discover servers using DNS SRV 2021-07-30 08:45:08 -04:00
version.m4.in Split ipa-client/ into ipaclient/ (Python library) and client/ (C, scripts) 2016-01-27 12:09:02 +01:00