dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone

Blame SOURCES/0048-doc-Add-nsswitch.conf-note-to-manpage.patch

71e593
From 42b92ad5b26ebbc7c387aa7111f70c74b63cd84f Mon Sep 17 00:00:00 2001
71e593
From: Tomas Halman <thalman@redhat.com>
71e593
Date: Mon, 1 Oct 2018 13:45:52 +0200
71e593
Subject: [PATCH 48/57] doc: Add nsswitch.conf note to manpage
71e593
71e593
We want to add note about nsswitch.conf configuration
71e593
into sssd-files manpage.
71e593
71e593
Resolves:
71e593
https://pagure.io/SSSD/sssd/issue/3750
71e593
71e593
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
71e593
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
71e593
(cherry picked from commit 0be037bbedd0aed6a7eccead6aabe0d07258242a)
71e593
---
71e593
 src/man/sssd-files.5.xml | 34 +++++++++++++++++++++++++++++++++-
71e593
 1 file changed, 33 insertions(+), 1 deletion(-)
71e593
71e593
diff --git a/src/man/sssd-files.5.xml b/src/man/sssd-files.5.xml
71e593
index 59e1b652328b6548386d9e15938db38197ad2a92..067e21949ffe10d783cc305c57c0ae57c906f899 100644
71e593
--- a/src/man/sssd-files.5.xml
71e593
+++ b/src/man/sssd-files.5.xml
71e593
@@ -51,6 +51,27 @@
71e593
                 <manvolnum>5</manvolnum>
71e593
             </citerefentry>.
71e593
         </para>
71e593
+        <para>
71e593
+            Another reason is to provide efficient caching of local users and groups.
71e593
+        </para>
71e593
+        <para>
71e593
+            Please note that some distributions enable the files domain automatically,
71e593
+            prepending the domain before any explicitly configured domains.
71e593
+            See enable_files_domain in
71e593
+            <citerefentry>
71e593
+                <refentrytitle>sssd.conf</refentrytitle>
71e593
+                <manvolnum>5</manvolnum>
71e593
+            </citerefentry>.
71e593
+        </para>
71e593
+        <para>
71e593
+            SSSD never handles resolution of user/group "root". Also resolution of
71e593
+            UID/GID 0 is not handled by SSSD. Such requests are passed to next
71e593
+            NSS module (usually files).
71e593
+        </para>
71e593
+        <para>
71e593
+            When SSSD is not running or responding, nss_sss returns the UNAVAIL code
71e593
+            which causes the request to be passed to the next module.
71e593
+        </para>
71e593
     </refsect1>
71e593
 
71e593
     <refsect1 id='configuration-options'>
71e593
@@ -110,11 +131,22 @@
71e593
 <programlisting>
71e593
 [domain/files]
71e593
 id_provider = files
71e593
+</programlisting>
71e593
+        </para>
71e593
+        <para>
71e593
+            To leverage caching of local users and groups by SSSD
71e593
+            nss_sss module must be listed before nss_files module
71e593
+            in /etc/nsswitch.conf.
71e593
+        </para>
71e593
+        <para>
71e593
+<programlisting>
71e593
+passwd:     sss files
71e593
+group:      sss files
71e593
 </programlisting>
71e593
         </para>
71e593
     </refsect1>
71e593
 
71e593
-	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/seealso.xml" />
71e593
+        <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/seealso.xml" />
71e593
 
71e593
 </refentry>
71e593
 </reference>
71e593
-- 
71e593
2.14.4
71e593