help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "user with UID not found" error


From: Christopher Batten
Subject: Re: "user with UID not found" error
Date: Tue, 2 Aug 2022 18:24:04 +0000

>>>> Or do you recommend a different way to run NSCD and SSSD at the same time 
>>>> on RHEL/CentOS systems? 
>>> 
>>> You only need to start it. We don't use it as a cache. We are only 
>>> interested in its network interface for use with glibc.
> […]
>> We turned off all NSCD caching:
>> 
>> % grep enable-cache /etc/nscd.conf
>> #       enable-cache         <service> <yes|no>
>>      enable-cache            passwd          no
>>      enable-cache            group           no
>>      enable-cache            hosts           no
>>      enable-cache            services        no
>>      enable-cache            netgroup        no
> 
> Sorry, it appears that I was wrong about the role of caching.  Our
> cluster nodes (running CentOS) have this nscd config:
> 
> --8<---------------cut here---------------start------------->8---
> enable-cache passwd yes
> enable-cache group yes
> enable-cache hosts no
> enable-cache netgroup no
> --8<---------------cut here---------------end--------------->8---
> 
> So while we don’t rely on caching per se, nscd needs to be configured to
> cache passwd and group so that it actually fetches this type of
> information from the system directories (e.g. LDAP).
> 
> Sorry for the confusion!

OK! But this RHEL doc:

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system-level_authentication_guide/usingnscd-sssd

Seems to suggest turning on NSCD caching for passwd and group while also 
running SSSD can cause subtle issues? It says:

"To avoid this problem, enable caching only for hosts in the the /etc/nscd.conf 
file and rely on the SSSD cache for the passwd, group, services, and netgroup 
entries."

So my sysadmin and I are worried about turning on caching in NSCD and SSSD at 
the same time? Are you running both and have you seen any issues?

Best,
Chris



reply via email to

[Prev in Thread] Current Thread [Next in Thread]