Learn more about these different git repos.
Other Git URLs
Currently our fast cache expires quickly and when an entry is expired it cannot be used. This is a problem when the sssd_nss provider is malfunctioning permanently or temporarily. It is a problem because it breaks running applications using getpwnam/getgrnam queries on cached users, or other operations (like sudo) or login attempts via ssh keys and similar. If the fast cache was used in case the responder cannot be connected or the connection abruptly fails we'd have a more resilient system.
Additionally it may be useful for performance reason to add an option to mark "special interest" groups that are never pushed out of the cache (this may happens in domain with many groups if some application tries to enumerate them. Optionally this setting is paired with a timer in the nss provider the regularly refreshes these "special interest" groups (and their users?) in the fast cache. This would be botha resiliency and performance optimization as it would prevent periodic latency spikes to access group information from performance sensitive applications, as the fast cache would be kept hot and wouldn't require synchronous in-band updates when the application stumbles on an expired entry.
Metadata Update from @thalman: - Issue tagged with: Future milestone
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/5051
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @pbrezina: - Issue close_status updated to: cloned-to-github - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.