Bug 505771

Summary: RFE: Allow Cache to Expire Also When Offline
Product: [Fedora] Fedora Reporter: Daniel Qarras <dqarras>
Component: sssdAssignee: Stephen Gallagher <sgallagh>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: 11CC: dpal, jhrozek, sbose, ssorce
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: https://fedorahosted.org/sssd/ticket/60
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-10-24 12:37:14 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daniel Qarras 2009-06-13 16:45:08 UTC 
Description of problem:
As per https://www.redhat.com/archives/freeipa-users/2009-June/msg00040.html it might in some cases be useful to allow cached entries to expire also when offline. For example, an organization may have a policy that all users must change they passwords twice a month - in that case it would be non-compliant that a user can keep using his password "forever" if offline.

Additional info:
https://www.redhat.com/archives/freeipa-users/2009-June/msg00040.html
Comment 1 Simo Sorce 2009-06-17 13:11:46 UTC 
Ok, here we have 2 separate issues.
one is the user/groups cache, another is the credentials cache (hashed, cached password).

What we need to "expire" are only credential caches.
It should be harmless to keep around user/group caches.
Comment 2 Daniel Qarras 2009-10-24 12:37:14 UTC 
Since this is upstreamed at https://fedorahosted.org/sssd/ticket/60 I'll close this one.

Thanks.