On Fri, Nov 17, 2017 at 07:43:15PM +0000, Mark Ignacio wrote: > Hey folks, > > During an internal reliability test, we recently found out that > /var/lib/sss/pubconf/kdcinfo.${REALM} stays static even when the IP > cached there is unreachable or down. During the test, kinit failed > consistently for those unfortunate to have a bad KDC cached. > > I found this draft document which would probably solve this issue for > us: https://docs.pagure.org/SSSD.sssd/design_pages/kerberos_locator_red > esign.html > > But until said redesign happens, I'm thinking about workarounds. One > idea is symlinking that file to /dev/null, another would be just > periodically rm-ing it. I'm trying the first today on my laptop and it > seems fine, but I haven't really tested it past that. > > Any suggestions?
You can also set the krb5_use_kdcinfo file to false to avoid generating the file in the first place. _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org