On 05/15/2017 11:28 AM, Tomasz Kłoczko wrote: > On 15 May 2017 at 17:15, Jakub Hrozek <jhro...@redhat.com> wrote: >> This change proposes leveraging a new "files" provider SSSD will ship in >> the next version in order to resolve also users from the local files. >> That way, the "sss" NSS module can be configured before the files module >> in nsswitch.conf and the system could leverage sss_nss caching for both >> local and remote users. > So someone reinvented the wheel/nscd?
Tomasz, your tone is needlessly hostile. If you have a question, ask it. If you want to make a suggestion, make it. But casting aspersions on people doing work is unacceptable. Frankly, nearly all of your posts to this list have been hostile to the rest of the community and have not added to the discussion in any way. You can do better than this, and we expect you to do so if you don't want people to just start blocking your messages and ignoring you entirely. Now, in this particular case, what happened is that SSSD was developed which is a significant improvement over NSCD when used with central identity stores like LDAP, FreeIPA, etc. However, one down-side to this is that it can't coexist with nscd because nscd is too greedy and doesn't allow requests to always pass to the SSSD service. So when using SSSD for central identities, we take a performance hit on local lookups (they need to go to I/O against the disk). A recent enhancement to SSSD allows the performance to be restored to nscd levels when dealing with the local accounts. So we enabled that and made SSSD the primary source for lookups.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
