|
|
1756dc |
From 766fb1c67f0b0cef0734756704d603df7d322a4c Mon Sep 17 00:00:00 2001
|
|
|
1756dc |
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
|
1756dc |
Date: Wed, 26 Sep 2018 13:32:31 +0200
|
|
|
1756dc |
Subject: [PATCH 16/16] sssd: document that this profile can be used also with
|
|
|
1756dc |
sssd disabled
|
|
|
1756dc |
|
|
|
1756dc |
https://github.com/pbrezina/authselect/issues/99
|
|
|
1756dc |
---
|
|
|
1756dc |
profiles/sssd/README | 14 ++++++++++++--
|
|
|
1756dc |
1 file changed, 12 insertions(+), 2 deletions(-)
|
|
|
1756dc |
|
|
|
1756dc |
diff --git a/profiles/sssd/README b/profiles/sssd/README
|
|
|
1756dc |
index 42293ab39c628c285921b8b47c4a763fd0215472..c597afecff112e8af7905de9b6a8db77d5c3227c 100644
|
|
|
1756dc |
--- a/profiles/sssd/README
|
|
|
1756dc |
+++ b/profiles/sssd/README
|
|
|
1756dc |
@@ -1,5 +1,5 @@
|
|
|
1756dc |
-Enable SSSD for system authentication
|
|
|
1756dc |
-=====================================
|
|
|
1756dc |
+Enable SSSD for system authentication (also for local users only)
|
|
|
1756dc |
+=================================================================
|
|
|
1756dc |
|
|
|
1756dc |
Selecting this profile will enable SSSD as the source of identity
|
|
|
1756dc |
and authentication providers.
|
|
|
1756dc |
@@ -12,6 +12,16 @@ to connect to multiple different account sources.
|
|
|
1756dc |
More information about SSSD can be found on its project page:
|
|
|
1756dc |
https://pagure.io/SSSD/sssd
|
|
|
1756dc |
|
|
|
1756dc |
+By default, local users are served from SSSD rather then local files if SSSD
|
|
|
1756dc |
+is enabled (however they authenticate via pam_unix). This have a performance
|
|
|
1756dc |
+benefit since SSSD caches the files content in fast in-memory cache and thus
|
|
|
1756dc |
+reduces number of disk operations.
|
|
|
1756dc |
+
|
|
|
1756dc |
+However, if you do not want to keep SSSD running on your machine, you can
|
|
|
1756dc |
+keep this profile selected and just disable SSSD service. The resulting
|
|
|
1756dc |
+configuration will still work correctly even with SSSD disabled and local users
|
|
|
1756dc |
+and groups will be read from local files directly.
|
|
|
1756dc |
+
|
|
|
1756dc |
SSSD CONFIGURATION
|
|
|
1756dc |
------------------
|
|
|
1756dc |
|
|
|
1756dc |
--
|
|
|
1756dc |
2.17.1
|
|
|
1756dc |
|