After a discussion with the Change owner, this Change is going to be considered as System Wide. The reason is a need for change of the order of modules in nsswitch.conf,. Regards, Jan On Tue, Jan 31, 2017 at 1:17 PM, Jan Kurik <jkurik@xxxxxxxxxx> wrote: > = Proposed Self Contained Change: SSSD fast cache for local users = > https://fedoraproject.org/wiki/Changes/SSSDCacheForLocalUsers > > Change owner(s): > * Stephen Gallagher <sgallagh AT redhat DOT com> > * Jakub Hrozek <jhrozek AT redhat DOT com> > > Enable resolving all users through the sss NSS modules for better performance. > > > == Detailed Description == > SSSD ships with a very fast memory cache for a couple of releases now. > However, using this cache conflicts with nscd's caching and nscd has > been disabled by default. That degrades performance, because every > user or group lookup must open the local files. > > This change proposes leveraging a new "files" provider SSSD will ship > in the next version in order to resolve also users from the local > files. That way, the "sss" NSS module can be configured before the > files module in nsswitch.conf and the system could leverage sss_nss > caching for both local and remote users. > > The upstream design of the files provider can be found at: > https://fedorahosted.org/sssd/wiki/DesignDocs/FilesProvider > > Below is a mini-FAQ that lists the most common questions we've received so far: > > Q: Does SSSD take over /etc/passwd and /etc/files? > A: No. SSSD just monitors them with inotify and copies the records > into its cache. > > Q: Does SSSD need to be running all the time now? What if it crashes? > A: SSSD needs to be running in order to benefit from this > functionality. However, the nss_sss module is built in such a way that > even if sssd is not running, nss_sss should fail over to nss_files > pretty quickly (we'll quantify "pretty quickly" in a more scientific > fashion soon) > > Q: Do I need to configure SSSD now? > A: No, we'll ship a default configuration. > > > == Scope == > * Proposal owners: > Jakub Hrozek and Stephen Gallagher work on the design and coding > > * Other developers: > The SSSD upstream will participate in code review of the change > > * Release engineering: > None required > > * Policies and guidelines: > None needed > > * Trademark approval: > None needed > -- > Jan Kuřík > Platform & Fedora Program Manager > Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic -- Jan Kuřík Platform & Fedora Program Manager Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
