Thank you Stephen, really helps me your answer. 2016-11-21 14:13 GMT+02:00 Stephen Gallagher <sgall...@redhat.com>:
> On 11/21/2016 05:01 AM, Catalin wrote: > > I'm not skilled with this config files of networking. > > I want to know more about how is working this file. > > This file lists the possible sources of user/group/host/etc. data that the > system may wish to use. In the case of 'sss', it is opportunistic. What > that > means is that if SSSD has been configured, the system will use it. If it is > unconfigured (the default configuration), then the 'sss' lookup will just > be > skipped. > > > > I saw this can activate some dns settings - but this is not the main > issue. > > I don't know what you mean by this. If SSSD is configured, it might make > DNS > requests, but so can any other service on your system. > > > Why is that sss word put into default file? > > It's there to work around a number of really old, poor design decisions in > POSIX. (Specifically that the nsswitch.conf file is only ever read once > when a > process linked to glibc starts up and cannot be refreshed). The problem > was that > if anyone enrolled a system with a central user repository like LDAP, > FreeIPA or > Active Directory, processes on the system would still be unable to access > those > accounts until after a reboot. > > > How can I improve my Fedora security? > > That is a topic that is far beyond the scope of this thread. > > > I used into internet rarely and most of new config files is new for me. > > If you don't know what this does, why are you trying to change it (rather > than > trusting that the OS developers made the decision carefully). > > > > > _______________________________________________ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > >
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
