diff --git a/lib/kadm5/iprop.8 b/lib/kadm5/iprop.8 index 832041011..a4b4e1e70 100644 --- a/lib/kadm5/iprop.8 +++ b/lib/kadm5/iprop.8 @@ -64,19 +64,14 @@ .Op Fl Fl version .Op Fl Fl help .Nm ipropd-slave -.Oo Fl c Ar string \*(Ba Xo -.Fl Fl config-file= Ns Ar string -.Xc -.Oc -.Oo Fl r Ar string \*(Ba Xo -.Fl Fl realm= Ns Ar string -.Xc -.Oc -.Oo Fl k Ar kspec \*(Ba Xo -.Fl Fl keytab= Ns Ar kspec -.Xc -.Oc +.Oo Fl c Ar string \*(Ba Xo Fl Fl config-file= Ns Ar string Xc Oc +.Oo Fl r Ar string \*(Ba Xo Fl Fl realm= Ns Ar string Xc Oc +.Oo Fl k Ar kspec \*(Ba Xo Fl Fl keytab= Ns Ar kspec Xc Oc +.Op Fl Fl statusfile= Ns Ar file +.Op Fl Fl hostname= Ns Ar hostname +.Op Fl Fl port= Ns Ar port .Op Fl Fl time-lost= Ns Ar time +.Op Fl Fl async-hdb .Op Fl Fl detach .Op Fl Fl version .Op Fl Fl help @@ -151,17 +146,19 @@ Supported options for .It Fl c Ar string , Fl Fl config-file= Ns Ar string .It Fl r Ar string , Fl Fl realm= Ns Ar string .It Fl k Ar kspec , Fl Fl keytab= Ns Ar kspec -keytab to get authentication from +Keytab for authenticating +.Nm ipropd-slave +clients. .It Fl d Ar file , Fl Fl database= Ns Ar file Database (default per KDC) .It Fl Fl slave-stats-file= Ns Ar file -file for slave status information +File for slave status information. .It Fl Fl time-missing= Ns Ar time -time before slave is polled for presence (default 2 min) +Time before slave is polled for presence (default 2 min). .It Fl Fl time-gone= Ns Ar time -time of inactivity after which a slave is considered gone (default 5 min) +Time of inactivity after which a slave is considered gone (default 5 min). .It Fl Fl detach -detach from console +Detach from console. .It Fl Fl version .It Fl Fl help .El @@ -172,11 +169,20 @@ Supported options for .It Fl c Ar string , Fl Fl config-file= Ns Ar string .It Fl r Ar string , Fl Fl realm= Ns Ar string .It Fl k Ar kspec , Fl Fl keytab= Ns Ar kspec -keytab to get authentication from +Keytab with client credentials for authenticating to +.Nm ipropd-master . +.It Fl Fl status-file= Ns Ar file +.It Fl Fl hostname= Ns Ar hostname +Hostname for client principal if different from actual hostname. +.It Fl Fl port= Ns Ar port .It Fl Fl time-lost= Ns Ar time time before server is considered lost (default 5 min) +.It Fl Fl async-hdb +Use asynchronous writes. +This is very useful for very busy sites or sites with very large +HDBs. .It Fl Fl detach -detach from console +Detach from console. .It Fl Fl version .It Fl Fl help .El diff --git a/lib/kadm5/ipropd_slave.c b/lib/kadm5/ipropd_slave.c index 9a6387667..ec8b3f047 100644 --- a/lib/kadm5/ipropd_slave.c +++ b/lib/kadm5/ipropd_slave.c @@ -38,6 +38,7 @@ RCSID("$Id$"); static const char *config_name = "ipropd-slave"; static int verbose; +static int async_hdb = 0; static krb5_log_facility *log_facility; static char five_min[] = "5 min"; @@ -431,18 +432,18 @@ receive(krb5_context context, kadm5_server_context *server_context) { krb5_error_code ret, ret2; + HDB *mydb = server_context->db; - ret = server_context->db->hdb_open(context, - server_context->db, - O_RDWR | O_CREAT, 0600); + ret = mydb->hdb_open(context, server_context->db, O_RDWR | O_CREAT, 0600); if (ret) krb5_err(context, IPROPD_RESTART_SLOW, ret, "db->open"); + (void) mydb->hdb_set_sync(context, mydb, !async_hdb); ret2 = receive_loop(context, sp, server_context); if (ret2) krb5_warn(context, ret2, "receive from ipropd-master had errors"); - ret = server_context->db->hdb_close(context, server_context->db); + ret = mydb->hdb_close(context, server_context->db); if (ret) krb5_err(context, IPROPD_RESTART_SLOW, ret, "db->close"); @@ -598,7 +599,7 @@ receive_everything(krb5_context context, int fd, reinit_log(context, server_context, vno); - ret = mydb->hdb_set_sync(context, mydb, 1); + ret = mydb->hdb_set_sync(context, mydb, !async_hdb); if (ret) krb5_err(context, IPROPD_RESTART_SLOW, ret, "failed to sync the received HDB"); ret = mydb->hdb_close(context, mydb); @@ -701,6 +702,7 @@ static struct getargs args[] = { "private argument, do not use", NULL }, { "pidfile-basename", 0, arg_string, &pidfile_basename, "basename of pidfile; private argument for testing", "NAME" }, + { "async-hdb", 'a', arg_flag, &async_hdb, NULL, NULL }, { "hostname", 0, arg_string, rk_UNCONST(&slave_str), "hostname of slave (if not same as hostname)", "hostname" }, { "verbose", 0, arg_flag, &verbose, NULL, NULL },