diff --git a/lib/kadm5/admin.h b/lib/kadm5/admin.h index 530070c78..a556efd22 100644 --- a/lib/kadm5/admin.h +++ b/lib/kadm5/admin.h @@ -225,6 +225,7 @@ typedef struct _kadm5_policy_ent_t { #define KADM5_CONFIG_ENCTYPES (1 << 18) #define KADM5_CONFIG_READONLY_ADMIN_SERVER (1 << 19) #define KADM5_CONFIG_READONLY_KADMIN_PORT (1 << 20) +#define KADM5_CONFIG_ASYNC_HDB_WRITES (1 << 21) #define KADM5_PRIV_GET (1 << 0) #define KADM5_PRIV_ADD (1 << 1) diff --git a/lib/kadm5/chpass_s.c b/lib/kadm5/chpass_s.c index c89448f48..c37d8cca6 100644 --- a/lib/kadm5/chpass_s.c +++ b/lib/kadm5/chpass_s.c @@ -140,6 +140,12 @@ change(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } } ret = kadm5_log_init(context); @@ -376,6 +382,12 @@ kadm5_s_chpass_principal_with_key(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } } ret = kadm5_log_init(context); diff --git a/lib/kadm5/context_s.c b/lib/kadm5/context_s.c index 5c9b3e31c..86290e0af 100644 --- a/lib/kadm5/context_s.c +++ b/lib/kadm5/context_s.c @@ -56,6 +56,12 @@ kadm5_s_lock(void *server_handle) if (ret) return ret; + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } + ret = context->db->hdb_lock(context->context, context->db, HDB_WLOCK); if (ret) { (void) context->db->hdb_close(context->context, context->db); diff --git a/lib/kadm5/create_s.c b/lib/kadm5/create_s.c index 26e4e4ca7..e13e643ae 100644 --- a/lib/kadm5/create_s.c +++ b/lib/kadm5/create_s.c @@ -205,6 +205,14 @@ kadm5_s_create_principal_with_key(void *server_handle, hdb_free_entry(context->context, context->db, &ent); return ret; } + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) { + hdb_free_entry(context->context, context->db, &ent); + return ret; + } + } } ret = kadm5_log_init(context); @@ -324,6 +332,14 @@ kadm5_s_create_principal(void *server_handle, hdb_free_entry(context->context, context->db, &ent); return ret; } + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) { + hdb_free_entry(context->context, context->db, &ent); + return ret; + } + } } ret = kadm5_log_init(context); diff --git a/lib/kadm5/delete_s.c b/lib/kadm5/delete_s.c index aa9fdb4fc..2084f5f6c 100644 --- a/lib/kadm5/delete_s.c +++ b/lib/kadm5/delete_s.c @@ -101,6 +101,15 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ) krb5_warn(context->context, ret, "opening database"); return ret; } + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) { + krb5_warn(context->context, ret, + "disabling synchronous updates"); + return ret; + } + } } ret = kadm5_log_init(context); diff --git a/lib/kadm5/modify_s.c b/lib/kadm5/modify_s.c index 2159caf55..0af684455 100644 --- a/lib/kadm5/modify_s.c +++ b/lib/kadm5/modify_s.c @@ -111,6 +111,12 @@ modify_principal(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } } ret = kadm5_log_init(context); diff --git a/lib/kadm5/prune_s.c b/lib/kadm5/prune_s.c index 96133f242..202aa7d71 100644 --- a/lib/kadm5/prune_s.c +++ b/lib/kadm5/prune_s.c @@ -103,6 +103,12 @@ kadm5_s_prune_principal(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } } ret = kadm5_log_init(context); diff --git a/lib/kadm5/randkey_s.c b/lib/kadm5/randkey_s.c index cb3696720..48d5fbd86 100644 --- a/lib/kadm5/randkey_s.c +++ b/lib/kadm5/randkey_s.c @@ -111,6 +111,12 @@ kadm5_s_randkey_principal(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } } ret = kadm5_log_init(context); diff --git a/lib/kadm5/rename_s.c b/lib/kadm5/rename_s.c index 914331817..2f5fef323 100644 --- a/lib/kadm5/rename_s.c +++ b/lib/kadm5/rename_s.c @@ -108,6 +108,12 @@ kadm5_s_rename_principal(void *server_handle, ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); if(ret) return ret; + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } } ret = kadm5_log_init(context); diff --git a/lib/kadm5/setkey3_s.c b/lib/kadm5/setkey3_s.c index 584c194dd..5c6331769 100644 --- a/lib/kadm5/setkey3_s.c +++ b/lib/kadm5/setkey3_s.c @@ -120,10 +120,17 @@ kadm5_s_setkey_principal_3(void *server_handle, size_t i; memset(&ent, 0, sizeof(ent)); - if (!context->keep_open) - ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); - if (ret) - return ret; + if (!context->keep_open) { + ret = context->db->hdb_open(context->context, context->db, O_RDWR, 0); + if (ret) + return ret; + + if (context->config.mask & KADM5_CONFIG_ASYNC_HDB_WRITES) { + ret = context->db->hdb_set_sync(context->context, context->db, 0); + if (ret) + return ret; + } + } ret = kadm5_log_init(context); if (ret) {