From 766fb1c67f0b0cef0734756704d603df7d322a4c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Wed, 26 Sep 2018 13:32:31 +0200
Subject: [PATCH 16/16] sssd: document that this profile can be used also with
 sssd disabled

https://github.com/pbrezina/authselect/issues/99
---
 profiles/sssd/README | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/profiles/sssd/README b/profiles/sssd/README
index 42293ab39c628c285921b8b47c4a763fd0215472..c597afecff112e8af7905de9b6a8db77d5c3227c 100644
--- a/profiles/sssd/README
+++ b/profiles/sssd/README
@@ -1,5 +1,5 @@
-Enable SSSD for system authentication
-=====================================
+Enable SSSD for system authentication (also for local users only)
+=================================================================
 
 Selecting this profile will enable SSSD as the source of identity
 and authentication providers.
@@ -12,6 +12,16 @@ to connect to multiple different account sources.
 More information about SSSD can be found on its project page:
 https://pagure.io/SSSD/sssd
 
+By default, local users are served from SSSD rather then local files if SSSD
+is enabled (however they authenticate via pam_unix). This have a performance
+benefit since SSSD caches the files content in fast in-memory cache and thus
+reduces number of disk operations.
+
+However, if you do not want to keep SSSD running on your machine, you can
+keep this profile selected and just disable SSSD service. The resulting
+configuration will still work correctly even with SSSD disabled and local users
+and groups will be read from local files directly.
+
 SSSD CONFIGURATION
 ------------------
 
-- 
2.17.1