Hey folks,
During an internal reliability test, we recently found out that
/var/lib/sss/pubconf/kdcinfo.${REALM} stays static even when the IP
cached there is unreachable or down. During the test, kinit failed
consistently for those unfortunate to have a bad KDC cached.
I found this draft document which would probably solve this issue for
us: https://docs.pagure.org/SSSD.sssd/design_pages/kerberos_locator_red
esign.html
But until said redesign happens, I'm thinking about workarounds. One
idea is symlinking that file to /dev/null, another would be just
periodically rm-ing it. I'm trying the first today on my laptop and it
seems fine, but I haven't really tested it past that.
Any suggestions?
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
