From dab6c3bb9feb10b67f08b18656fe24d1f7b01d2b Mon Sep 17 00:00:00 2001
From: Dave Olson <olson@cumulusnetworks.com>
Date: Fri, 12 May 2017 11:43:01 -0700
Subject: Track changes to config files, and reparse if any change

This is done to handle the case where nss_tacplus.so is included in
a long-lived daemon.  It's desirable to have long-lived daemons reflect
changes to the configuration, both to enable/disable debugging, and
particularly if the server list or key changes.  Clear all read config
variables to defaults when re-parsing.

This is complicated by nested configuration files via the include
directive.   At top level, we need to check all the previously used
configuration files to see if any have changed.

This also adds a limitation to no more than 8 deep include nesting.  In
practice, > 2 is going to be very rare, so it should be OK.

Log a message when we re-initialize (without using debug qualifier).
---
 debian/changelog | 4 +++-
 debian/copyright | 5 +++--
 2 files changed, 6 insertions(+), 3 deletions(-)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index 43d371e..cf33b24 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-libnss-tacplus (1.0.2) unstable; urgency=low
+libnss-tacplus (1.0.3-1) unstable; urgency=low
   * added config variable "timeout" to limit time attempting to
   * added config variable "exclude_users" in /etc/tacplus_nss
     to avoid looking up "local" user accounts via TACACS servers.  This
@@ -11,6 +11,8 @@ libnss-tacplus (1.0.2) unstable; urgency=low
   * Added vrf config variable, so NSS lookups work correctly$
   * During login, send remote add IP address in AUTH request
     connect to non-responding TACACS server.
+  * configuration files should automatically be reparsed
+    if they change, for long-lived programs and daemons that use NSS.
 
  -- Dave Olson <olson@cumulusnetworks.com>  Tue, 07 Mar 2017 12:58:03 -0800
 
diff --git a/debian/copyright b/debian/copyright
index 9b1b34a..710851e 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -3,8 +3,9 @@ Upstream-Name: libnss-tacplus
 Source: http://www.cumulusnetworks.com
 
 Files: *
-Copyright: 2015, 2016 Cumulus Networks, Inc.  All rights reserved.,
-           2010 Pawel Krawczyk <pawel.krawczyk@hush.com> and Jeroen Nijhof <jeroen@jeroennijhof.nl>
+Copyright: 2015, 2016, 2017 Cumulus Networks, Inc.  All rights reserved.,
+           2010 Pawel Krawczyk <pawel.krawczyk@hush.com> and
+                Jeroen Nijhof <jeroen@jeroennijhof.nl>
 License: GPL-2+
  This package is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
-- 
cgit v1.2.3