On 7/27/20 11:07 AM, Lukas Slebodnik wrote:
On (26/07/20 12:08), Spike White wrote:
All,
sssd front-end, AD back-end. Does sssd use initgroups to use initial
group membership?
I was recently debugging a sssd connection problem in the
/var/log/sssd/sssd* logs (debug level 9). and I thought I saw a reference
to initgroups. or getgrouplist().
my /etc/nsswitch.conf file has:
passwd: files systemd sss
group: files systemd sss
Should I also have a line with:
initgroups: files systemd sss
glibc will try to use all possible modules if initgroups is missing in
/etc/nsswitch.conf.
I would not recommend adding such line to nsswitch.conf
If initgroups line is present it behaves quite differently then what you
would expected and you need to add [SUCCESS=continue] after each module
to get the same result.
If it is not preset it default to "group" map with sane behavior.
This is nice explanation of the problem:
https://bugs.gentoo.org/682314#c2
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
