krb5-1.12 beta2 - New Feature - iprop notify
Nico Williams
nico at cryptonector.com
Mon Dec 2 15:21:58 EST 2013
On Mon, Dec 2, 2013 at 12:15 AM, Richard Basch <basch at alum.mit.edu> wrote:
> This implements a framework whereby when kadmind processes an update, it
> notifies the slaves of pending updates (akin to DNS notify events). This
> facilitates more real-time synchronization, and when combined with my
> tree-based propagation patches, should be quite scalable for most
> environments, especially global environments where WAN usage/latency may be
> of concern. This latest patch does layer atop my prior contributions.
Nice idea. A few questions and comments:
- since the live notified slaves will contact kadmind again, why not
reset the list of slaves to notify every time, thus weeding out dead
slaves?
- where are the notification child processes reaped?
- use sigaction(), not signal()
- running the slave notification from a signal handler seems... like
asking for trouble, largely because you have to make sure you're only
calling async-signal-safe code from signal handlers (at least the way
adding slaves to the list works there's no concern about racing
between that and the handler, but you'll need to be careful about how
you weed out dead slaves)
Nico
--
More information about the krbdev
mailing list