Bug 28729
| Summary: | Quota nicht bei jeder Anmeldung auswerten | ||
|---|---|---|---|
| Product: | UCS | Reporter: | Janis Meybohm <meybohm> |
| Component: | Quota | Assignee: | Stefan Gohmann <gohmann> |
| Status: | CLOSED FIXED | QA Contact: | Felix Botner <botner> |
| Severity: | enhancement | ||
| Priority: | P2 | CC: | ebersbach, gohmann, grandjean, petersen, roland.buser, steuwer, walkenhorst |
| Version: | UCS 3.2 | ||
| Target Milestone: | UCS 3.2-5-errata | ||
| Hardware: | Other | ||
| OS: | Linux | ||
| What kind of report is it?: | --- | What type of bug is this?: | --- |
| Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
| User Pain: | Enterprise Customer affected?: | ||
| School Customer affected?: | ISV affected?: | ||
| Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
| Ticket number: | Bug group (optional): | UCS Performance | |
| Max CVSS v3 score: | |||
| Bug Depends on: | |||
| Bug Blocks: | 36104, 36989 | ||
|
Description
Janis Meybohm
The problem occurs more often in UCS@school environments like 2013112621003598 UCS@school usually comes with a larger number of shares (one per class), which increases the problem. univention-user-quota processes each share with a policy result in case one matches to the current user. In addition, it seems to run more than one time per user (maybe samba4 triggers pam-session on each connection to a share?). ideas to improve the script: - modify it to run it once per user per day (as mentioned in comment #1) - cache the informations about shares and their policy results - fork a background process instead of blocking the PAM stack Also reported in Ticket #2014090421000331. Also reported at 2014100821000213 (In reply to Ingo Steuwer from comment #1) > The problem occurs more often in UCS@school environments like > 2013112621003598 > > UCS@school usually comes with a larger number of shares (one per class), > which increases the problem. In one case (2014100821000213) - it is not possible to even run the script once a day, as one run with >25000 users and >4000 shares takes much more than one day. Another idea would be to configure a list with shares on wich the quota should be updated. This seems to dramatically increase the run time. Another UCS@school customer reported this issue at Ticket #2014101321000203. Reported at 2015012621000311 I think we should change it in the following way: * The tool univention-user-quota doesn't run the policy_result itself. It uses a cache directory. * The cache directory is filled by a listener module. * The listener module has to re-create the cache for one share if the share path, the share hostname, or the policy reference has been changed at a share object or if a quota policy has been changed or if a policy reference has been changed at a parent object. Backported from UCS 4.0-1errata, see Bug #36989 for details. ucs-test: r59599 univention-quota: r59600 YAML: 2015-04-03-univention-quota.yaml: r59601 For QA: see also /usr/share/ucs-test/53_samba-common/50quota Some more fixes: r59715 + r59717 + r59721 + r59723 A new directory /var/cache/univention-quota/todo has been added. The listener module now uses this directory to transfer the DNs from the handler to the postrun. The listener also uses the connection to the ldap/master if other ldap servers (ldap/server/*) are not reachable. OK - see bug #36989 OK - YAML |