Fix check for values of expiration limits

There were inconsistencies between what sssd.conf manpage said and what the code enforces.
SSSD · Feb 25, 2010 · 980020c · 980020c
1 parent 52e080e
commit 980020c
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
@@ -467,8 +467,8 @@
                             Number of days entries are left in cache after
                             last successful login before being removed during
                             a cleanup of the cache. 0 means keep forever.
-                            The value of this parameter must be bigger than
-                            offline_credentials_expiration.
+                            The value of this parameter must be greater than or
+                            equal to offline_credentials_expiration.
                         </para>
                         <para>
                             Default: 0 (unlimited)

diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
@@ -251,7 +251,7 @@ int ldap_get_options(TALLOC_CTX *memctx,
         goto done;
     }
     if (offline_credentials_expiration && account_cache_expiration &&
-        offline_credentials_expiration >= account_cache_expiration) {
+        offline_credentials_expiration > account_cache_expiration) {
         DEBUG(1, ("Value of %s (now %d) must be larger "
                   "than value of %s (now %d)\n",
                   opts->basic[SDAP_ACCOUNT_CACHE_EXPIRATION].opt_name,