diff options
| author | Dave Olson <olson@cumulusnetworks.com> | 2017-05-12 11:43:01 -0700 |
|---|---|---|
| committer | Dave Olson <olson@cumulusnetworks.com> | 2017-05-23 16:42:48 -0700 |
| commit | dab6c3bb9feb10b67f08b18656fe24d1f7b01d2b (patch) | |
| tree | c841c02461e30d1dc4e194399e45293c883d1c68 /debian | |
| parent | f9f714b3b7b9f77c0165c0850bd816cac0d46292 (diff) | |
| download | libnss-tacplus-dab6c3bb9feb10b67f08b18656fe24d1f7b01d2b.tar.gz libnss-tacplus-dab6c3bb9feb10b67f08b18656fe24d1f7b01d2b.zip | |
Track changes to config files, and reparse if any change
This is done to handle the case where nss_tacplus.so is included in
a long-lived daemon. It's desirable to have long-lived daemons reflect
changes to the configuration, both to enable/disable debugging, and
particularly if the server list or key changes. Clear all read config
variables to defaults when re-parsing.
This is complicated by nested configuration files via the include
directive. At top level, we need to check all the previously used
configuration files to see if any have changed.
This also adds a limitation to no more than 8 deep include nesting. In
practice, > 2 is going to be very rare, so it should be OK.
Log a message when we re-initialize (without using debug qualifier).
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 4 | ||||
| -rw-r--r-- | debian/copyright | 5 |
2 files changed, 6 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog index 43d371e..cf33b24 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -libnss-tacplus (1.0.2) unstable; urgency=low +libnss-tacplus (1.0.3-1) unstable; urgency=low * added config variable "timeout" to limit time attempting to * added config variable "exclude_users" in /etc/tacplus_nss to avoid looking up "local" user accounts via TACACS servers. This @@ -11,6 +11,8 @@ libnss-tacplus (1.0.2) unstable; urgency=low * Added vrf config variable, so NSS lookups work correctly$ * During login, send remote add IP address in AUTH request connect to non-responding TACACS server. + * configuration files should automatically be reparsed + if they change, for long-lived programs and daemons that use NSS. -- Dave Olson <olson@cumulusnetworks.com> Tue, 07 Mar 2017 12:58:03 -0800 diff --git a/debian/copyright b/debian/copyright index 9b1b34a..710851e 100644 --- a/debian/copyright +++ b/debian/copyright @@ -3,8 +3,9 @@ Upstream-Name: libnss-tacplus Source: http://www.cumulusnetworks.com Files: * -Copyright: 2015, 2016 Cumulus Networks, Inc. All rights reserved., - 2010 Pawel Krawczyk <pawel.krawczyk@hush.com> and Jeroen Nijhof <jeroen@jeroennijhof.nl> +Copyright: 2015, 2016, 2017 Cumulus Networks, Inc. All rights reserved., + 2010 Pawel Krawczyk <pawel.krawczyk@hush.com> and + Jeroen Nijhof <jeroen@jeroennijhof.nl> License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by |